Macau Computer Emergency Response Team

Current Internet Security Level is:

There is nothing special about the environment of the internet that causes alarm. Continue to use the same level of caution you normally do.

Special Alerts

Latest Event

MOCERT Participated in APCERT Annual General Meeting & Conference 2018

Top Five Issues

Top Five Advisories

Professional Service

MOCERT Advance Security Log Analytics Service

WPA3 Multiple Vulnerabilities: "Dragonblood"

Wednesday, 17 April 2019 12:00

Description:
Researchers has discovered two types of design flaws in WPA3-first leads to downgrade attacks and second to side-channel leaks, which can allow a remote attacker to acquire a weak password, conduct a denial of service, or gain complete authorization. These vulnerabilities have also been referred to as Dragonblood.

CVE Numbers:
CVE-2019-9494/CVE-2019-9495/CVE-2019-9496/CVE-2019-9497/CVE-2019-9498/CVE-2019-9499

Impact:
A downgrade attack against WPA3-Transtition mode can lead to dictionary attacks. A security group downgrade attack, a timing-based side-channel attack, a cache-based side-channel attack, and a resource consumption attack against the WPA3's Dragonfly handshake can be used to recover passwords or cause a DoS.

Solution:
Upgrade wpa_supplicant and hostapd to version 2.8

Available Mitigations:
Mitigations are available for
CVE-2019-9494 https://w1.fi/security/2019-1/
CVE-2019-9495 https://w1.fi/security/2019-2/
CVE-2019-9496 https://w1.fi/security/2019-3/
CVE-2019-9497 https://w1.fi/security/2019-4/
CVE-2019-9498 https://w1.fi/security/2019-4/
CVE-2019-9499 https://w1.fi/security/2019-4/

Reference:
https://www.kb.cert.org/vuls/id/871675/
https://wpa3.mathyvanhoef.com/
https://papers.mathyvanhoef.com/dragonblood.pdf

od_displayImage('sitelogo', 'https://www.mocert.org/templates/jabellatrix/images/logo', 245, 65, '', 'MOCert');

Special Alerts

Latest Event

Top Five Issues

Top Five Advisories

Professional Service