Security researchers have discovered two types of serious vulnerabilities in WPA3, the latest version of the Wi-Fi Protected Access protocol that has been designed in large part to provide better security to users. The uncovered flaws, dubbed Dragonblood[pdf], can enable threat actors to recover the password of a Wi-Fi network.
According to the Wi-Fi Alliance, a non-profit that oversees the development and maintenance of Wi-Fi technology, the flaws only impact “a limited number of early implementations of WPA3-Personal,” and security patches have already been issued to address the vulnerabilities. While WPA3 was launched in June of 2018, the Personal and Enterprise editions of the protocol are not yet widely adopted. It will probably take years for WPA3 to replace WPA2 as the most common Wi-Fi protocol.
Read more: ‘Dragonblood’ Flaws in WPA3 Allow Recovery of Wi-Fi Passwords