CVE-2017-13078

ENISA EUVD: EUVD-2017-4596 ↗

✓ Confirmed 0-Day

Triaged: March 5, 2026 2 articles

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗

EPSS Score

Source: FIRST.org · 2026-05-24

0.7%

probability

This CVE has a 0.7% probability of being exploited in the next 30 days.

0% Top 72.2th percentile of all CVEs 100%

CVSS score unavailable

Neither CIRCL nor NVD returned a CVSS score for this CVE. View on VulnerabilityLookup ↗

Affected Products

Attack Intelligence

CWE-323 · Reusing a Nonce, Key Pair in Encryption CWE-330 · Use of Insufficiently Random Values CWE-344 · Use of Invariant Value in Dynamically Changing Context CWE-693 · Protection Mechanism Failure

KRACK Demo: Critical Key Reinstallation Attack Against Widely-Used WPA2 Wi-Fi Protocol

TheHackerNews

Security Advisory 2017-021

CERT-EU Oct 17, 2017

Signal Intelligence

Confidenceⓘ

92%

EPSS 0.7%

Mentions 2

Last Seen Oct 17, 2017

CNA Information

Analyst Note

CVE-2017-13078 is part of the KRACK (Key Reinstallation Attack) vulnerability disclosed in October 2017. KRACK was actively exploited in the wild against WPA2, with proof-of-concept demonstrations showing practical attacks. Patches were released concurrently with public disclosure, meeting the zero-day criteria of exploitation before/simultaneous with patch availability.

Triage Info

Decided atMar 05, 2026