A group of vulnerabilities being called Dragonblood is targeting the newly released WPA3 WiFi security and authentication standard released by WiFi Alliance. The Dragonblood vulnerabilities include a few different attack vectors such as a DoS vulnerability, two side-channel information leaks, and two downgrade vulnerabilities. If the vulnerabilities are able to be exploited, an attacker would be able to obtain the WiFi password and invade a targeted network. The DoS attack is the least threatening of the five vulnerabilities because it simply crashes WPA-3 consistent access points. All four of the other vulnerabilities take advantage of the flaws in the Dragonfly key exchange, a tool that’s implemented to allow users to authenticate on WPA3 access points or routers. As far as the downgrade attacks go, attackers can trick the network into using an out-of-date password exchange system which allows them to exploit old flaws and retrieve network passwords. In the side-channel information attack, WiFi WPA3-capable networks can be fooled into using weak algorithms, and while it doesn’t leak the whole thing, with continued attacks, criminals could end up with the whole network password.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased