Researcher finds security vulnerability in WPA2

A security researcher at wireless security company AirTight Networks has discovered an exploitable vulnerability in WPA2, currently considered the strongest Wi-Fi encryption and authentication standard available. Md Sohail Ahmad spotted the weakness on page 196 of the IEEE 802.11 Revised Standard, prompting AirTight to dub it "Hole 196."

In a nutshell, Hole 196 leaves WPA2 susceptible to a man-in-the-middle-style attack from an insider already connected to the Wi-Fi network. Ahmad says that exploiting it took him only 10 lines of code in the open-source MadWiFi driver software, and that it can potentially open the door for a malicious user to "drop traffic, drop a [denial-of-service] attack, or snoop" within the same WPA2 network.

Ahmad will be demonstrating his exploit at Black Hat Arsenal and DEF CON 18 next week. He asserts that his discovery is not a brute-force approach, and that the AES encryption employed by WPA2 remains uncompromised. Because many forms of attack are conducted or facilitated from the inside, though, AirTight says it felt the need to raise awareness of this problem.

For more on this story:
- check out the article at Network World
- check out the article at InfoSecurity
