CVE-2017-13086

Name: CVE-2017-13086
Creator: NVD / NIST
Published: 2017-10-17T13:29:00.553+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.05%

Last modified Jun 17, 2026

CVE-2017-13086 is a vulnerability of currently unknown severity. Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.. EPSS estimates a 2.05% chance of exploitation in the next 30 days.

Description

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

Metrics

EPSS Probability

2.05%

78.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

Vendor	Product	Versions	Update
Canonical	Ubuntu Linux	14.04	—
Canonical	Ubuntu Linux	16.04	—
Canonical	Ubuntu Linux	17.04	—
Debian	Debian Linux	8.0	—
Debian	Debian Linux	9.0	—
Freebsd	Freebsd	All versions	—
Freebsd	Freebsd	10	—
Freebsd	Freebsd	10.4	—
Freebsd	Freebsd	11	—
Freebsd	Freebsd	11.1	—
Opensuse	Leap	42.2	—
Opensuse	Leap	42.3	—
Redhat	Enterprise Linux Desktop	7	—
Redhat	Enterprise Linux Server	7	—
W1.Fi	Hostapd	0.2.4	—
W1.Fi	Hostapd	0.2.5	—
W1.Fi	Hostapd	0.2.6	—
W1.Fi	Hostapd	0.2.8	—
W1.Fi	Hostapd	0.3.7	—
W1.Fi	Hostapd	0.3.9	—
W1.Fi	Hostapd	0.3.10	—
W1.Fi	Hostapd	0.3.11	—
W1.Fi	Hostapd	0.4.7	—
W1.Fi	Hostapd	0.4.8	—
W1.Fi	Hostapd	0.4.9	—
W1.Fi	Hostapd	0.4.10	—
W1.Fi	Hostapd	0.4.11	—
W1.Fi	Hostapd	0.5.7	—
W1.Fi	Hostapd	0.5.8	—
W1.Fi	Hostapd	0.5.9	—
W1.Fi	Hostapd	0.5.10	—
W1.Fi	Hostapd	0.5.11	—
W1.Fi	Hostapd	0.6.8	—
W1.Fi	Hostapd	0.6.9	—
W1.Fi	Hostapd	0.6.10	—
W1.Fi	Hostapd	0.7.3	—
W1.Fi	Hostapd	1.0	—
W1.Fi	Hostapd	1.1	—
W1.Fi	Hostapd	2.0	—
W1.Fi	Hostapd	2.1	—
W1.Fi	Hostapd	2.2	—
W1.Fi	Hostapd	2.3	—
W1.Fi	Hostapd	2.4	—
W1.Fi	Hostapd	2.5	—
W1.Fi	Hostapd	2.6	—
W1.Fi	Wpa Supplicant	0.2.4	—
W1.Fi	Wpa Supplicant	0.2.5	—
W1.Fi	Wpa Supplicant	0.2.6	—
W1.Fi	Wpa Supplicant	0.2.7	—
W1.Fi	Wpa Supplicant	0.2.8	—

Showing 50 of 83 affected configurations. See NVD for the full list.

References

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txtThird Party Advisory
http://www.debian.org/security/2017/dsa-3999Third Party Advisory
http://www.kb.cert.org/vuls/id/228519Third Party Advisory, US Government Resource
http://www.securityfocus.com/bid/101274Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1039573Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1039576Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1039577Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1039578Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1039581Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/USN-3455-1Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2907Third Party Advisory
https://access.redhat.com/security/vulnerabilities/kracksThird Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://cert.vde.com/en-us/advisories/vde-2017-005
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.ascThird Party Advisory
https://security.gentoo.org/glsa/201711-03
https://source.android.com/security/bulletin/2017-11-01
https://support.lenovo.com/us/en/product_security/LEN-17420Third Party Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpaThird Party Advisory
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txtThird Party Advisory
https://www.krackattacks.com/Technical Description, Third Party Advisory
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txtThird Party Advisory
http://www.debian.org/security/2017/dsa-3999Third Party Advisory
http://www.kb.cert.org/vuls/id/228519Third Party Advisory, US Government Resource
http://www.securityfocus.com/bid/101274Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1039573Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1039576Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1039577Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1039578Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1039581Third Party Advisory, VDB Entry
http://www.ubuntu.com/usn/USN-3455-1Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2907Third Party Advisory
https://access.redhat.com/security/vulnerabilities/kracksThird Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf
https://cert.vde.com/en-us/advisories/vde-2017-005
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.ascThird Party Advisory
https://security.gentoo.org/glsa/201711-03
https://source.android.com/security/bulletin/2017-11-01
https://support.lenovo.com/us/en/product_security/LEN-17420Third Party Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpaThird Party Advisory
https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txtThird Party Advisory
https://www.krackattacks.com/Technical Description, Third Party Advisory

Timeline

Published: Oct 17, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-13086?

How severe is CVE-2017-13086?

Severity scoring for CVE-2017-13086 is pending analysis. The EPSS model estimates a 2.05% probability of exploitation in the next 30 days.

How do I fix CVE-2017-13086?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-13086?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST