Researchers have discovered a flaw that exploits the 4-way handshake used by WPA and WPA2. Attackers can reset the encryption key in use, allowing them to decrypt some traffic, perform TCP hijacking and perform HTTP injection on vulnerable devices.
On Android 6.0+ and Linux devices, all non-HTTPS traffic can be decrypted. Due to skill and proximity barriers, eSentire does not consider this to be an immediate threat. Researchers have stated that they will release proof-of-concept code at "a later date". Therefore, we highly recommend the deployment of patches as they’re released.
eSentire highly recommends evaluating and deploying patches as they become available from vendors.
- Exploiting victims requires both proximity and a high degree of skill.
- Public exploits have not been disclosed.
- eSentire is not aware of any instances of this being exploited in the wild.
- More information can be found at https://www.kb.cert.org/vuls/id/228519 and https://www.krackattacks.com/