Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

According to its self-reported version number, the remote pfSense install is affected by multiple vulnerabilities as stated in the referenced vendor advisories.

The remote host is affected by the vulnerability described in GLSA-201711-03 (hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks)

    WiFi Protected Access (WPA and WPA2) and it&rsquo;s associated technologies       are all vulnerable to the KRACK attacks. Please review the referenced CVE       identifiers for details.
  Impact :

    An attacker can carry out the KRACK attacks on a wireless network in       order to gain access to network clients. Once achieved, the attacker can       potentially harvest confidential information (e.g. HTTP/HTTPS), inject       malware, or perform a myriad of other attacks.
  Workaround :

    There is no known workaround at this time.

New wpa_supplicant packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

According to its self-reported version, the remote networking device is running a version of UniFi OS prior to 3.9.3.7537. It, therefore, vulnerable to multiple vulnerabilities discovered in the WPA2 handshake protocol.

wpa_supplicant developers report :

A vulnerability was found in how a number of implementations can be triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by replaying a specific frame that is used to manage the keys.

According to its self-reported version, the remote networking device is running a version of MikroTik 6.9.X prior to 6.39.3, 6.40.x < 6.40.4, or 6.41rc. It, therefore, vulnerable to multiple vulnerabilities discovered in the WPA2 handshake protocol.

According to its self-reported version, the Cisco ASA with FirePOWER Services is affected by multiple vulnerabilities related to the KRACK attack. Please see the included Cisco BIDs and the Cisco Security Advisory for more information.

ID	Name	Product	Family	Severity
109037	pfSense < 2.3.5 Multiple Vulnerabilities (KRACK)	Nessus	Firewalls	critical
104511	GLSA-201711-03 : hostapd and wpa_supplicant: Key Reinstallation (KRACK) attacks (KRACK)	Nessus	Gentoo Local Security Checks	high
103944	Slackware 14.0 / 14.1 / 14.2 / current : wpa_supplicant (SSA:2017-291-02) (KRACK)	Nessus	Slackware Local Security Checks	high
103875	Ubiquiti Networks UniFi < 3.9.3.7537 (KRACK)	Nessus	Misc.	high
103862	FreeBSD : WPA packet number reuse with replayed messages and key reinstallation (d670a953-b2a1-11e7-a633-009c02a2ab30) (KRACK)	Nessus	FreeBSD Local Security Checks	high
103857	MikroTik RouterOS < 6.39.3 / 6.40.4 / 6.41rc (KRACK)	Nessus	Misc.	high
103856	Cisco ASA FirePOWER Services Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II (KRACK)	Nessus	CISCO	high

Detections

Analytics

CVE-2017-13084

medium

Tenable Plugins

critical

high

high

high

high

high

high