Paul1977: I’m most interested in how vulnerable unpatched iOS and Windows are (particularly iOS which is not yet patched in the latest general release 11.03).

The paper shows they are the least vulnerable, but I’m finding it difficult interpreting what the specific risks are for these devices.


As I read it they are only vulnerable to the group key attacks - CVE-2017-13080 and CVE-2017-13081. As these are used for transmitting broadcast and multicast frames, the amount of sensitive information you could decrypt would be negligible.



Thanks, I'll read up a little more about these two CVEs.