Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Dragonblood vulnerabilities disclosed in WiFi WPA3 standard

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 12 Apr 2019 08:29:07 +0000 (UTC)
https://www.zdnet.com/article/dragonblood-vulnerabilities-disclosed-in-wifi-wpa3-standard/

By Catalin Cimpanu
Zero Day
ZDNet News
April 10, 2019

Two security researchers disclosed details today about a group of
vulnerabilities collectively referred to as Dragonblood that impact the WiFi
Alliance's recently launched WPA3 Wi-Fi security and authentication standard.

If ever exploited, the vulnerabilities would allow an attacker within the range
of a victim's network to recover the Wi-Fi password and infiltrate the target's
network.


THE DRAGONBLOOD VULNERABILITIES

In total, five vulnerabilities are part of the Dragonblood ensemble --a denial
of service attack, two downgrade attacks, and two side-channel information
leaks.

While the denial of service attack is somewhat unimportant as it only leads to
crashing WPA3-compatible access points, the other four are the ones that can be
used to recover user passwords.

[...]



--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: