DragonBlood, a set of vulnerabilities that affect the WiFi WPA3 standard

Penetration testing course specialists from the International Institute of Cyber Security (IICS) report the discovery of a set of vulnerabilities, dubbed DragonBlood, that affect WiFi WPA3, the WiFi Alliance's latest standard for connection authentication and security.

If exploited, these vulnerabilities could allow an attacker within range of a WiFi signal to obtain the network password or infiltrate the potential victim's systems.

According to the penetration testing course specialists, DragonBlood consists of five different vulnerabilities:

  • A denial-of-service (DoS) attack vulnerability
  • Two side-channel information leak errors
  • Two errors that allow downgrade attacks

Although the DoS attack is not considered highly risky, because it only works against WPA3-compatible access points, the other four vulnerabilities can be used to retrieve sensitive user information, such as passwords. These four attacks exploit flaws in the design of the Dragonfly key exchange in the WPA3 standard, a mechanism used to authenticate to a router or access point.

In the downgrade attack, hackers can force a WPA3 WiFi network to use older and less secure key exchange systems; because of this, attackers can recover passwords by exploiting old vulnerabilities.

In the side-channel information leak attacks, on the other hand, networks with WiFi WPA3 support can trick a device into using less secure algorithms, so that small amounts of information about the network password are leaked; by repeating this process enough times, the password of a WiFi network can be recovered completely.
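One way a defender could check an access point configuration for the exposure described in the two paragraphs above (legacy key exchange offered next to WPA3, and weaker algorithms left enabled), as an added example that is not part of the original article. It assumes a hostapd-style configuration file; the sample configurations and the set of group numbers treated as weak are constructed assumptions.

```python
# Added example: audit a hostapd-style config for WPA3 downgrade exposure.
# Assumption: the group numbers treated as weak (MODP 22-24, Brainpool 27-30)
# are a policy chosen for this example, not a list taken from the article.
WEAK_SAE_GROUPS = {22, 23, 24, 27, 28, 29, 30}
SAE_AKMS = {"SAE", "FT-SAE"}
LEGACY_AKMS = {"WPA-PSK", "WPA-PSK-SHA256", "FT-PSK"}

# Constructed sample: transition mode (SAE next to WPA-PSK) and a weak group.
WEAK_CONF = """
ssid=example-net
wpa=2
wpa_key_mgmt=SAE WPA-PSK
sae_groups=19 22
"""

# Constructed sample: SAE only, restricted to group 19.
HARDENED_CONF = """
ssid=example-net
wpa=2
wpa_key_mgmt=SAE
ieee80211w=2
sae_groups=19
"""


def parse_conf(text):
    """Return {key: value} from key=value lines, skipping comments and blanks."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf


def audit(text):
    """Return a list of finding names for one configuration."""
    conf = parse_conf(text)
    findings = []
    akms = set(conf.get("wpa_key_mgmt", "").split())
    if not akms & SAE_AKMS:
        findings.append("no-sae")            # WPA3 key exchange not offered
    elif akms & LEGACY_AKMS:
        findings.append("transition-mode")   # clients can be pushed to WPA2
    # An absent sae_groups line means the daemon default; nothing is flagged.
    groups = {int(g) for g in conf.get("sae_groups", "").split() if g.isdigit()}
    if groups & WEAK_SAE_GROUPS:
        findings.append("weak-sae-group")
    return findings
```
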

According to the penetration testing course specialists, the set of DragonBlood vulnerabilities also impacts the Extensible Authentication Protocol (EAP-pwd) supported by the WPA and WPA2 standards. “This vulnerability allows hackers to impersonate any user and therefore access the WiFi network, without knowing the legitimate user’s password”.

Shortly after receiving the vulnerability report, the WiFi Alliance announced that the fixes for these vulnerabilities would be available as soon as possible. “All these problems are solvable using software updates, no need to fix the devices”, said the WiFi Alliance in a statement.