Espressif Releases Patches for WiFi Vulnerabilities (CERT VU#228519)
Posted: Tue Oct 17, 2017 9:36 am
The recently discovered WiFi WPA2 protocol vulnerabilities, a.k.a. KRACK, is of critical security level; the vulnerabilities allow the connection to be hijacked, or eavedropped and malicious packet injections. These vulnerabilities are also described in detail at CERT VU#228519 and individually in CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087 and CVE-2017-13088.
More details are in Espressif Website.
Thank you to the security researcher Mathy Vanhoef & CERT for finding & disclosing this issue to vendors.