Cryptography / Weak PSK
Description
Weak PSK (CWE-327) is a cryptographic weakness found in network infrastructure such as wireless routers and access points. It occurs when the pre-shared key (PSK) used to authenticate a user is weak or too short, which makes it easier for an attacker to guess the key and gain unauthorized access to the encrypted network traffic. According to the OWASP Testing Guide, weak PSKs can be identified by testing for weak or default passwords, or by using brute force attacks.
Risk
Weak PSKs pose a serious risk to IT systems as they can be easily guessed, allowing unauthorized access to the network. According to the Common Vulnerability Scoring System (CVSS), this vulnerability has a base score of 6.4, which indicates a medium-severity risk.
Solution
The best solution to prevent this vulnerability is to use strong passwords that are difficult to guess. It is also important to change the passwords regularly and to use two-factor authentication for additional security.
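One way to check a configured passphrase against this advice is sketched below as an added example; it is not code from the original page or from hostapd. It audits the `wpa_passphrase` entry of a hostapd configuration. The sample configuration, the small common-passphrase list, the `MIN_LEN` and `MIN_BITS` thresholds and all function names are assumptions made for illustration.

```python
import math
import re

# Constructed sample hostapd.conf contents (not from the page).
SAMPLE_CONF = """\
ssid=OfficeNet
wpa_key_mgmt=WPA-PSK
wpa_passphrase=officenet1
"""

# Small constructed list of default-style passphrases; use a real list in practice.
COMMON = {"password", "12345678", "admin1234", "changeme", "qwertyuiop"}
MIN_LEN = 16   # assumed policy; WPA2 itself only requires 8..63 characters
MIN_BITS = 80  # assumed policy threshold for the rough estimate below

def parse_conf(text):
    """Return key/value pairs from hostapd.conf-style text, skipping comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)  # keep any '=' or '#' inside the value
            conf[key.strip()] = value
    return conf

def estimate_bits(passphrase):
    """Generous estimate: length * log2(size of the character classes used)."""
    pool = sum(size for pattern, size in
               ((r"[a-z]", 26), (r"[A-Z]", 26), (r"[0-9]", 10), (r"[^a-zA-Z0-9]", 33))
               if re.search(pattern, passphrase))
    return len(passphrase) * math.log2(pool) if pool else 0.0

def audit_psk(conf_text):
    """Return a list of findings for the wpa_passphrase in a hostapd config."""
    conf = parse_conf(conf_text)
    psk, ssid = conf.get("wpa_passphrase"), conf.get("ssid", "")
    if psk is None:
        return ["no wpa_passphrase set (raw wpa_psk or wpa_psk_file not checked)"]
    findings = []
    if len(psk) < MIN_LEN:
        findings.append(f"too short: {len(psk)} < {MIN_LEN} characters")
    if psk.lower() in COMMON:
        findings.append("matches a common/default passphrase")
    if ssid and ssid.lower() in psk.lower():
        findings.append("contains the SSID")
    if estimate_bits(psk) < MIN_BITS:
        findings.append(f"estimated strength below {MIN_BITS} bits")
    return findings
```

Calling `audit_psk(SAMPLE_CONF)` reports the sample passphrase as too short, containing the SSID and below the strength threshold; an empty list means no finding under this assumed policy.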
Example
The following example is taken from CVE-2013-4357. It shows a weak PSK vulnerability in the Host AP daemon (hostapd) on Linux systems:
    if (hostapd_setup_wpa_psk(hapd->conf->ssid.wpa_psk,
                              hapd->conf->ssid.wpa_psk_len,
                              hapd->conf->ssid.ssid,
                              hapd->conf->ssid.ssid_len,
                              hapd->conf->ssid.wpa_psk_set,
                              passwd)) {
        wpa_printf(MSG_ERROR, "WPA: Failed to configure PSK");
        return -1;
    }
In this example, the PSK is configured with a static password, which is weak and allows an attacker to gain access to the network.