Windows Wireless WPA Group Key Reinstallation Vulnerability - CVE-2017-13080ID: oval:org.secpod.oval:def:42412 | Date: (C)2017-10-17 (M)2024-03-06 |
Class: VULNERABILITY | Family: windows |
A spoofing vulnerability exists in the Windows implementation of wireless networking. An attacker who successfully exploited this vulnerability could potentially replay broadcast and/or multicast traffic to hosts on a WPA or WPA 2-protected wireless network.
Multiple conditions would need to be met in order for an attacker to exploit the vulnerability the attacker would need to be within the physical proximity of the targeted user, and the user's computer would need to have wireless networking enabled. The attacker would then need to execute a man-in-the-middle (MitM) attack to intercept traffic between the target computer and wireless access point.
The security update addresses the vulnerability by changing how Windows verifies wireless group key handshakes.
Platform: |
Microsoft Windows 10 |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |