Early this morning US-CERT (Computer Emergency Readiness Team) published a vulnerability alert stating that Wi-Fi Protected Access II (WPA2) can be compromised and manipulated to install a rogue security key.
Essentially this is what is termed a “man-in-the-middle” attack between an Access Point and a client. This would allow the attacker to hijack the connection. Once this is done, encrypted packets may be able to be deciphered and read.
We strongly encourage you to update the firmware in all of your wireless access routers as soon as it is made available. As soon as device manufacturers publish updates, please install them quickly.
In the interim, watch what public networks you connect to with your device. If at all possible, turn off Wi-Fi on your device until you receive a security patch from your device manufacturer.