Earlier today, it was published that a bug exists termed KRACK (Key Reinstallation Attack) which exposes a fundamental flaw in WPA2. WPA2 is a common protocol used in securing most modern wireless networks.
The bug specifically exposes vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream. When it’s resent in certain ways, a cryptographic nonce can be reused in a way that completely undermines the encryption. You can learn more about the exploit here.
Integration Partners is recommending that you review and update any, and all technologies that use WPA2 encryption.
Please contact us if you need assistance by either filling out the form below or giving us a call at 781.357.8100.