Hostapd Wi-Fi Easy Connect PKEX Vulnerability Allows Future Association Subversion

Vulnerability

A vulnerability in hostapd versions through 2.10 allows an attacker to subvert future public key bootstrapping in the Wi-Fi Easy Connect protocol. This is achieved by passively observing public keys exchanged during a previous successful association, reusing the encrypting element, and subtracting it from the captured message. The vulnerability arises because the PKEX code remains active even after a successful association, contrary to the protocol's intention.

Impact

Exploitation of this vulnerability allows an attacker to impersonate a Configurator and disrupt normal Wi-Fi Easy Connect operations, potentially leading to unauthorized access or manipulation of network traffic.

Reproduction

The vulnerability can be reproduced by first establishing a Wi-Fi Easy Connect association using the PKEX bootstrapping method. Because the PKEX code remains active after that association, future associations can be subverted by reusing the encrypting element from the initial exchange. This is done by passively observing the public keys during the bootstrapping phase, capturing the message, and then using the same encrypting element to manipulate the association process.

Remediation

The vulnerability has been addressed in hostapd version 2.10. Users should update to this version or later.
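
The root cause described under Vulnerability is a code-lifetime problem, so the block below models a responder that forgets its PKEX code after one successful exchange, next to one that keeps it. This is an added example, not hostapd's code: the struct, the function names and the sample code string are all assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical model of a PKEX responder's code lifetime; not hostapd's structures. */
struct pkex_ctx {
    char code[64];      /* shared PKEX code; "" means none provisioned */
    bool single_use;    /* hardened policy: drop the code after one success */
    unsigned completed; /* exchanges completed with the current code */
};

/* Zero memory through a volatile pointer so the wipe is not optimized away. */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

void pkex_provision(struct pkex_ctx *c, const char *code, bool single_use)
{
    wipe(c, sizeof(*c));
    strncpy(c->code, code, sizeof(c->code) - 1);
    c->single_use = single_use;
}

/* A responder only processes a PKEX exchange while a code is provisioned. */
bool pkex_will_respond(const struct pkex_ctx *c) { return c->code[0] != '\0'; }

/* Call when a PKEX exchange finishes successfully. */
void pkex_on_success(struct pkex_ctx *c)
{
    c->completed++;
    if (c->single_use)
        wipe(c->code, sizeof(c->code));
}

/* Audit check: true when an already-used code would still be accepted. */
bool pkex_code_lingers(const struct pkex_ctx *c) { return c->completed > 0 && pkex_will_respond(c); }

int main(void)
{
    struct pkex_ctx legacy, fixed;
    pkex_provision(&legacy, "constructed-sample-code", false); /* constructed value */
    pkex_provision(&fixed, "constructed-sample-code", true);
    pkex_on_success(&legacy);
    pkex_on_success(&fixed);
    printf("%d %d\n", pkex_code_lingers(&legacy), pkex_code_lingers(&fixed));
    return 0;
}
```

`pkex_code_lingers` is the condition to test for in a review: a code that has already completed an exchange and would still be accepted.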

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 9.3
impact: 5.0
exploitability: 8.8
remediation: 7.7
relevance: 0.0
threat: 4.8
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.