D-Link Forums

Announcements => Security Advisories => Topic started by: GreenBay42 on August 07, 2018, 10:37:48 AM

Title: Hashcat Developers Discover New Security Flaw in WPA/WPA2 WiFi Encryption
Post by: GreenBay42 on August 07, 2018, 10:37:48 AM
Announcement -  https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10090 (https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10090)

On August 4, 2018, a disclosure by a Hashcat developer was posted describing new technique to exploit WPA-PSK (Pre-Shared Key) passwords.

https://hashcat.net/forum/thread-7717.html (https://hashcat.net/forum/thread-7717.html)

D-Link is aware and investigating the potential threat to our customers, our products, and our systems. 

Regarding this disclosure:

     - This is seperate and independ of the WPA2 exploit known as the KRACK vulnerability

     - This exploit requires IEEE 802.11i, IEEE 802.11p,  IEEE 802.11r used for WiFi Device "roaming" between WiFi access points to be enabled.

     - Many D-Link consumer routers do not have these roaming features enabled.