DragonBlood, a set of vulnerabilities that affect the WiFi WPA3 standard

Penetration testing course specialists from the International Institute of Cyber Security (IICS) report the finding of a set of vulnerabilities, dubbed DragonBlood, that affect WPA3, the WiFi connection authentication and security standard and the latest release from the WiFi Alliance.

If exploited, these vulnerabilities could allow an attacker located within the range of a WiFi signal to obtain the network password or infiltrate the potential victim systems.

According to the penetration testing course specialists, DragonBlood consists of five different vulnerabilities:

  • A denial-of-service (DoS) attack vulnerability
  • Two side channel information leak errors
  • Two errors that allow downgrade attacks

Although the DoS attack has not been considered highly risky, because it only works against WPA3-compatible access points, the other four discovered vulnerabilities can be used to retrieve sensitive user information, such as passwords. These four attacks exploit flaws in the design of the Dragonfly key exchange in the WPA3 standard, a mechanism used to authenticate a router or access point.

In the downgrade attack, hackers can force a WPA3 WiFi network to use older and less secure key exchange systems; because of this, attackers can recover passwords by exploiting old vulnerabilities.

On the other hand, in the side channel information leak attacks, networks with WiFi WPA3 support can be used to deceive a device into using less secure algorithms, so that small amounts of information about the network password are leaked; by repeating this process as many times as necessary, the password of a WiFi network can be recovered completely.
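As an added example (not part of the original report), the Python code below audits an access point configuration for the two conditions described above: a network that still offers an older key exchange alongside WPA3, and weaker algorithm choices for the Dragonfly handshake. It assumes a hostapd-based access point; the sample configuration is constructed, and the group numbers treated as weak are an assumption based on the public Dragonblood research.

```python
# Constructed hostapd.conf sample with three BSSs (not from a real deployment).
SAMPLE_CONF = """\
interface=wlan0
ssid=corp-wpa3
wpa_key_mgmt=SAE
sae_groups=19 20
bss=wlan0_1
ssid=corp-mixed
wpa_key_mgmt=SAE WPA-PSK
sae_groups=19 22
bss=wlan0_2
ssid=guest-legacy
wpa_key_mgmt=WPA-PSK
"""

SAE_AKMS = {"SAE", "FT-SAE"}                           # WPA3 (Dragonfly) key management
LEGACY_AKMS = {"WPA-PSK", "WPA-PSK-SHA256", "FT-PSK"}  # older WPA2 key exchange
# Assumption: weak groups per public Dragonblood research (MODP 22-24, Brainpool 27-30).
WEAK_GROUPS = {22, 23, 24, 27, 28, 29, 30}

def parse_bss(conf_text):
    """Split hostapd.conf text into one settings dict per BSS."""
    blocks, cur = [], {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, val = line.split("=", 1)
        if key in ("interface", "bss") and cur:  # a new BSS section starts here
            blocks.append(cur)
            cur = {}
        cur[key] = val
    return blocks + ([cur] if cur else [])

def audit(conf_text):
    """Return (ssid, finding, detail) tuples for each risky BSS setting."""
    findings = []
    for bss in parse_bss(conf_text):
        ssid = bss.get("ssid", "<unnamed>")
        akms = set(bss.get("wpa_key_mgmt", "").split())
        legacy = sorted(akms & LEGACY_AKMS)
        if akms & SAE_AKMS and legacy:   # WPA3 offered, but older exchange still accepted
            findings.append((ssid, "downgrade-capable", legacy))
        elif legacy:                     # no WPA3 key exchange at all
            findings.append((ssid, "no-wpa3", legacy))
        weak = sorted(WEAK_GROUPS & {int(g) for g in bss.get("sae_groups", "").split()})
        if weak:
            findings.append((ssid, "weak-sae-groups", weak))
    return findings
```

Calling `audit(SAMPLE_CONF)` reports the mixed-mode and legacy BSSs and leaves the SAE-only BSS without findings.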

According to the penetration testing course specialists, the set of DragonBlood vulnerabilities also impacts the Extensible Authentication Protocol (EAP-pwd) supported by the WPA and WPA2 standards. “This vulnerability allows hackers to impersonate any user and therefore access the WiFi network, without knowing the legitimate user’s password.”

Shortly after receiving the vulnerability report, WiFi Alliance announced that the fixes for these vulnerabilities would be available as soon as possible. “All these problems are solvable using software updates, no need to fix the devices”, said WiFi Alliance in a statement.
