Security researchers claim to have found high-severity vulnerabilities in WPA2 (Wi-Fi Protected Access II), a popular security protocol used by nearly every Wi-Fi device on the planet. The vulnerabilities could potentially allow anyone near your router to eavesdrop on the Wi-Fi traffic being sent through it.
Details have been revealed on a dedicated site called krackattacks.com, named after the proof-of-concept attack called KRACK (Key Reinstallation Attacks). A total of 10 vulnerabilities have been identified, and were discovered by researcher Mathy Vanhoef of imec-DistriNet, KU Leuven.
“If your device supports Wi-Fi, it is most likely affected,” Vanhoef writes on the website.
“Concretely, attackers can use this novel [KRACK] attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks,” he adds.
The attack essentially targets Wi-Fi clients using WPA2 (nearly every Wi-Fi device out there), and compromises the encryption protocol used for communicating with the router. After this, “any data or information that the victim transmits can be decrypted”, Vanhoef notes, adding that event HTTPS communication have been bypassed in the past, so it may not be safe either.
He adds that the “attack is exceptionally devastating against Linux and Android 6.0 or higher”, though devices running Apple’s mobile and desktop operating system, Windows, OpenBSD etc. are all vulnerable. Note that to protect yourself against attacks, it’s Wi-Fi clients like laptops, smartphones, smart home devices, and the likes, will need to install security updates.
“Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates,” Vanhoef notes.
The vulnerabilities have been assigned Common Vulnerabilities and Exposures (CVE) identifiers, specifically: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086,CVE-2017-13087, and CVE-2017-13088. Further details of these vulnerabilities can be found on the aforementioned website, or the National Vulnerability Database of the US Department of Commerce’s NIST website.