Software update for Personal AXS GUARD v3.2.0

Countering Key Reinstallation Attacks

WPA2 vulnerability

Security researchers have discovered a major vulnerability in Wi-Fi Protected Access 2 (WPA2), a type of encryption used to secure the vast majority of Wi-Fi networks.

An attacker within range of a victim can exploit this vulnerability through the use of key reinstallation attacks (KRACKs). These techniques allow attackers to read information that was previously assumed to be safely encrypted.

Sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and any other data sent over the Internet with mobile devices can be intercepted and stolen.

The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.

What should you do?

Wi-Fi users should update their Wi-Fi-enabled devices as soon as a software update is made available. Wi-Fi-enabled devices are anything that connects to the Internet, from laptops, tablets, and smartphones to other smart devices such as wearables and home appliances.

Personal AXS GUARD version 3.2.0

As with many newly discovered vulnerabilities, it is only a matter of time before attackers find ways to exploit this weakness to their advantage.

We will upgrade your PAX automatically to the latest 3.2.0 version.
The new version contains patches for the following Common Vulnerabilities and Exposures (CVE) identifiers:

  • CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.

  • CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.

  • CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.

  • CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.

  • CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.

  • CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.

  • CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.

  • CVE-2017-13086: Reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.

  • CVE-2017-13087: Reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.

  • CVE-2017-13088: Reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
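
The identifiers above all describe a key that is installed again while it is already in use, which restarts the packet number (nonce) under the same key. The C model below is an added example, not code from Personal AXS GUARD or from any vendor patch; the struct, the function names and the sample key are hypothetical. It shows one way a patched client can refuse to reinstall a key it already uses.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TK_LEN 16

/* Simplified per-station key state; all names here are hypothetical. */
struct sta_keys {
    uint8_t  tk[TK_LEN];    /* temporal key currently in use */
    bool     tk_installed;  /* true once a key has been installed */
    uint64_t tx_pn;         /* transmit packet number, used as the nonce */
};

/* Unpatched behaviour: every accepted key message installs the key and
 * restarts the packet number, even if that key is already in use. */
static void install_tk(struct sta_keys *s, const uint8_t *tk)
{
    memcpy(s->tk, tk, TK_LEN);
    s->tk_installed = true;
    s->tx_pn = 0;
}

/* Patched behaviour: a key identical to the installed one is skipped, so
 * the packet number keeps counting. Returns true if a key was installed. */
static bool install_tk_once(struct sta_keys *s, const uint8_t *tk)
{
    if (s->tk_installed && memcmp(s->tk, tk, TK_LEN) == 0)
        return false;       /* retransmitted key message: do nothing */
    install_tk(s, tk);      /* new key: fresh packet number space */
    return true;
}

/* Install a key, send `frames` frames, process a retransmitted key message
 * carrying the same key, then return the packet number of the next frame. */
static uint64_t pn_after_replayed_msg3(bool patched, unsigned frames)
{
    static const uint8_t tk[TK_LEN] = { 0xA5 };  /* constructed sample key */
    struct sta_keys s = { .tx_pn = 0 };
    install_tk_once(&s, tk);                     /* first, legitimate install */
    s.tx_pn += frames;                           /* one packet number per frame */
    if (patched) install_tk_once(&s, tk); else install_tk(&s, tk);
    return ++s.tx_pn;
}

int main(void)
{
    printf("unpatched next PN: %llu\n", (unsigned long long)pn_after_replayed_msg3(false, 5));
    printf("patched next PN:   %llu\n", (unsigned long long)pn_after_replayed_msg3(true, 5));
    return 0;
}
```

In the unpatched path the next frame reuses a packet number that was already spent under the same key; in the patched path the counter continues past the frames already sent.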
