Cryptography / Weak PSK

Description

Weak PSK (CWE-327) is a cryptography-based IT vulnerability that occurs in infrastructure, such as wireless routers and access points. This type of vulnerability occurs when the pre-shared key (PSK) that is used to authenticate a user is weak or too short. This makes it easier for an attacker to guess the key and gain unauthorized access to the encrypted network traffic. According to the OWASP Testing Guide, weak PSKs can be identified by testing for weak or default passwords, or by using brute force attacks.

Risk

Weak PSKs pose a serious risk to IT systems as they can be easily guessed, allowing unauthorized access to the network. According to the Common Vulnerability Scoring System (CVSS), this vulnerability has a base score of 6.4, which indicates a medium-severity risk.

Solution

The best solution to prevent this vulnerability is to use strong passwords that are difficult to guess. It is also important to change the passwords regularly and to use two-factor authentication for additional security.