IGTK Key Reinstallation Attack: Exploiting WPA/WPA2 Wi-Fi Protected Access

IGTK Key Reinstallation Attack: Exploiting WPA/WPA2 Wi-Fi Protected Access

CVE-2017-13079 · LOW Severity

AV:A/AC:M/AU:N/C:N/I:P/A:N

Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

Learn more about our Web Application Penetration Testing UK.