
CERT Coordination Center


Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse

Vulnerability Note VU#228519

Original Release Date: 2017-10-16 | Last Revised: 2017-11-16

Overview

Wi-Fi Protected Access (WPA, more commonly WPA2) handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point (AP) or client. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames. These vulnerabilities are referred to as Key Reinstallation Attacks or "KRACK" attacks.

Description

CWE-323: Reusing a Nonce, Key Pair in Encryption

Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a victim wireless access point (AP) or client. After establishing a man-in-the-middle position between an AP and client, an attacker can selectively manipulate the timing and transmission of messages in the WPA2 Four-way, Group Key, Fast Basic Service Set (BSS) Transition, PeerKey, Tunneled Direct-Link Setup (TDLS) PeerKey (TPK), or Wireless Network Management (WNM) Sleep Mode handshakes, resulting in out-of-sequence reception or retransmission of messages. Depending on the data confidentiality protocols in use (e.g. TKIP, CCMP, and GCMP) and situational factors, the effect of these manipulations is to reset nonces and replay counters and ultimately to reinstall session keys. Key reuse facilitates arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast, broadcast, and multicast frames.
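The counter reset described above, modelled as an added example (not code from CERT/CC, the researcher or any vendor): a station that reinstalls the pairwise key on every message 3 of the Four-way handshake, beside one way to harden the handler so that a key already in use is not installed again. The struct, the function names and the sample key are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TK_LEN   16
#define MAX_SEEN 64

/* Simplified station-side pairwise key state. All names are illustrative. */
struct sta {
    uint8_t  tk[TK_LEN];      /* temporal key currently installed */
    int      tk_installed;    /* nonzero once a key is in use */
    uint64_t tx_pn;           /* transmit packet number, used as the per-frame nonce */
    uint64_t rx_pn;           /* highest packet number accepted (replay counter) */
    uint64_t seen[MAX_SEEN];  /* audit log: nonces already sent under this key */
    int      seen_len;
    int      nonce_reuse;     /* frames sent with a repeated (key, nonce) pair */
};

/* Installing a key resets both counters, as a fresh key requires. */
static void install_key(struct sta *s, const uint8_t *tk)
{
    if (!s->tk_installed || memcmp(s->tk, tk, TK_LEN) != 0)
        s->seen_len = 0;      /* genuinely new key: nonce history starts over */
    memcpy(s->tk, tk, TK_LEN);
    s->tk_installed = 1;
    s->tx_pn = 0;
    s->rx_pn = 0;
}

/* Pre-fix behaviour: every accepted message 3 (re)installs the key. */
void handle_msg3_vulnerable(struct sta *s, const uint8_t *tk)
{
    install_key(s, tk);
}

/* Hardened behaviour: a retransmitted message 3 carrying the key already in
 * use leaves the key and its counters untouched. */
void handle_msg3_hardened(struct sta *s, const uint8_t *tk)
{
    if (s->tk_installed && memcmp(s->tk, tk, TK_LEN) == 0)
        return;
    install_key(s, tk);
}

/* Send one data frame; returns the nonce used and records any reuse. */
uint64_t send_frame(struct sta *s)
{
    uint64_t pn = ++s->tx_pn;
    for (int i = 0; i < s->seen_len; i++)
        if (s->seen[i] == pn) { s->nonce_reuse++; return pn; }
    if (s->seen_len < MAX_SEEN)
        s->seen[s->seen_len++] = pn;
    return pn;
}

/* Receive-side replay check: accept only packet numbers above the counter. */
int accept_frame(struct sta *s, uint64_t pn)
{
    if (pn <= s->rx_pn)
        return 0;
    s->rx_pn = pn;
    return 1;
}

typedef void (*msg3_handler)(struct sta *, const uint8_t *);

/* Constructed scenario: handshake, 3 frames, retransmitted msg 3, 3 frames.
 * Returns how many frames went out under an already-used nonce. */
int reused_nonces(msg3_handler on_msg3)
{
    static const uint8_t tk[TK_LEN] = { 0xA5 };  /* constructed sample key */
    struct sta s = { 0 };
    on_msg3(&s, tk);
    for (int i = 0; i < 3; i++) send_frame(&s);
    on_msg3(&s, tk);                             /* retransmission, same key */
    for (int i = 0; i < 3; i++) send_frame(&s);
    return s.nonce_reuse;
}

/* Returns 1 if a previously received frame is accepted again after the
 * retransmitted message 3, i.e. the replay counter was reset. */
int old_frame_replayable(msg3_handler on_msg3)
{
    static const uint8_t tk[TK_LEN] = { 0xA5 };  /* constructed sample key */
    struct sta s = { 0 };
    on_msg3(&s, tk);
    accept_frame(&s, 1);
    accept_frame(&s, 2);
    on_msg3(&s, tk);
    return accept_frame(&s, 2);
}

int main(void)
{
    printf("vulnerable: reused=%d replay=%d\n", reused_nonces(handle_msg3_vulnerable), old_frame_replayable(handle_msg3_vulnerable));
    printf("hardened:   reused=%d replay=%d\n", reused_nonces(handle_msg3_hardened), old_frame_replayable(handle_msg3_hardened));
    return 0;
}
```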

The following CVE IDs have been assigned to document these vulnerabilities in the WPA2 protocol:

    • CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
    • CVE-2017-13078: reinstallation of the group key in the Four-way handshake
    • CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake
    • CVE-2017-13080: reinstallation of the group key in the Group Key handshake
    • CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake
    • CVE-2017-13082: accepting a retransmitted Fast BSS Transition Reassociation Request and reinstalling the pairwise key while processing it
    • CVE-2017-13084: reinstallation of the STK key in the PeerKey handshake
    • CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
    • CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
    • CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame

For a detailed description of these issues, refer to the researcher's website and paper.

Impact

An attacker within the wireless communications range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocol being used. Impacts may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast, broadcast, and multicast frames.

Solution

Install Updates

The WPA2 protocol is ubiquitous in wireless networking. The vulnerabilities described here are in the standard itself as opposed to individual implementations thereof; as such, any correct implementation is likely affected. Users are encouraged to install updates to affected products and hosts as they are available. For information about a specific vendor or product, check the Vendor Information section of this document or contact the vendor directly. Note that the vendor list below is not exhaustive.

Vendor Information


9front

Updated:  October 19, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://code.9front.org/hg/plan9front/rev/94d052c01881

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.

ADTRAN

Updated:  October 19, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://supportforums.adtran.com/message/24028#24028
https://supportforums.adtran.com/servlet/JiveServlet/previewBody/8732-102-1-12335/ADTRAN%20WPA2%20KRACK%20Attack%20Advisory%20(ADTSA-KRA1001%20REV%20A).pdf

Addendum

There are no additional comments at this time.


AVM GmbH

Updated:  October 24, 2017

Statement Date:   October 24, 2017

Status

  Affected

Vendor Statement

https://en.avm.de/service/current-security-notifications/

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://en.avm.de/service/current-security-notifications/

Addendum

There are no additional comments at this time.


Actiontec

Notified:  August 30, 2017 Updated:  October 20, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://actiontecsupport.zendesk.com/hc/en-us/articles/115005205283-KRACK-vulnerability

Addendum

There are no additional comments at this time.


Aerohive

Notified:  August 30, 2017 Updated:  October 17, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www3.aerohive.com/support/security-bulletins/Product-Security-Announcement-Aerohives-Response-to-KRACK-10162017.html

Addendum

There are no additional comments at this time.


Alcatel-Lucent Enterprise

Notified:  August 28, 2017 Updated:  November 08, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.al-enterprise.com/en/support/security-alert-krack

Addendum

There are no additional comments at this time.


Android Open Source Project

Notified:  August 28, 2017 Updated:  November 08, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://source.android.com/security/bulletin/2017-11-01#2017-11-06-details

Addendum

There are no additional comments at this time.


Apple

Notified:  August 28, 2017 Updated:  November 01, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

Per Apple's advisory, CVE-2017-13080 is addressed in iOS 11.1.

Vendor References

https://support.apple.com/en-gb/HT208222

Addendum

There are no additional comments at this time.


Arch Linux

Notified:  August 28, 2017 Updated:  October 17, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://security.archlinux.org/AVG-448
https://security.archlinux.org/AVG-447

Addendum

There are no additional comments at this time.


Aruba Networks

Notified:  August 28, 2017 Updated:  October 09, 2017

Statement Date:   October 09, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt

Addendum

There are no additional comments at this time.


AsusTek Computer Inc.

Notified:  August 28, 2017 Updated:  October 19, 2017

Status

  Affected

Vendor Statement

10/18/2017 Security advisory for the vulnerabilities of WPA2 protocol

ASUS is aware of the recent WPA2 vulnerability issue. We take your security and privacy seriously and are currently working towards a full solution as quickly as possible. In the meantime, we want to help clarify the severity of the potential threat, and let our valued customers know the appropriate steps to take in order to avoid or lessen the threat of being compromised.

Your devices are only vulnerable if an attacker is in physical proximity to your wireless network and is able to gain access to it. This exploit cannot steal your banking information, passwords, or other data on a secured connection that utilizes proper end-to-end encryption. However, an attacker could capture and read this information on an unsecured connection via an exploited WiFi network. Depending on the network configuration, it is also possible for the attacker to redirect network traffic, send invalid data to devices or even inject malware into the network.

We are feverishly working with chipset suppliers to resolve this vulnerability and will release patched firmware for affected routers in the near future. Before this patched firmware is released, here are a few cautions all users should take:

(1) Avoid public Wi-Fi and Hotspots until the routers and your devices are updated. Use cellular network connections if possible.
(2) Only connect to secured services that you trust or have been verified. Web pages that use HTTPS or another secure connection will include HTTPS in the URL. If the connection is secured using TLS 1.2, your activities with that service are safe for now.
(3) Keep your operating system and antivirus software up-to-date. Microsoft recently updated Windows to fix this exploit on their latest operating systems. Google and Apple are following suit shortly.
(4) When in doubt, be safe and use your cellular network or a wired connection (Ethernet) to access the internet. This exploit only affects 802.11 traffic between a Wi-Fi router and a connected device on an exploited WiFi connection.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.asus.com/Static_WebPage/ASUS-Product-Security-Advisory/

Addendum

There are no additional comments at this time.


Barracuda Networks

Notified:  August 28, 2017 Updated:  October 24, 2017

Statement Date:   October 19, 2017

Status

  Affected

Vendor Statement

On October 16th, 2017, a research paper with the title of "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2" was made publicly available. This paper discusses seven vulnerabilities affecting session key negotiation in both the Wi-Fi Protected Access (WPA) and the Wi-Fi Protected Access II (WPA2) protocols. These vulnerabilities may allow the reinstallation of a pairwise transient key, a group key, or an integrity key on either a wireless client or a wireless access point. Additional research also led to the discovery of three additional vulnerabilities (not discussed in the original paper) affecting wireless supplicants supporting either the 802.11z (Extensions to Direct-Link Setup) standard or the 802.11v (Wireless Network Management) standard. The three additional vulnerabilities could also allow the reinstallation of a pairwise key, group key, or integrity group key.

Risk Rating: High

Affected Products: Our investigations indicate that currently only Barracuda NextGen Firewall Wi-Fi Models used under Wi-Fi Client mode are affected:

F101

F201

F301

F80

F82.DSLA

F82.DSLB

F180

F183

F280

FSC1

Vendor Information

October 18, 2017: Hotfixes have been made available. We do recommend to update your systems also in case the firewall is used under Access Point mode.

Fixed Vulnerabilities:

      • CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
      • CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
      • CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
      • CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
      • CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
      • CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
      • CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
      • CVE-2017-13086: Reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
      • CVE-2017-13087: Reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
      • CVE-2017-13088: Reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.

Hotfix information and download for firmware 6.2.x

Hotfix information and download for firmware 7.0.x

Hotfix information and download for firmware 7.1.x

Vendor References

https://community.barracudanetworks.com/forum/index.php?/topic/23525-security-advisories/page-2#entry84537

Addendum

There are no additional comments at this time.


Broadcom

Notified:  August 30, 2017 Updated:  October 17, 2017

Statement Date:   October 16, 2017

Status

  Affected

Vendor Statement

We confirm that some of the Broadcom products are affected by some of the issues reported in VU#228519.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.


Cambium Networks

Updated:  October 26, 2017

Statement Date:   October 25, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://community.cambiumnetworks.com/t5/Enterprise-e4XX-e5XX-series/Security-Advisory-on-Key-Reinstallation-Attacks-KRACK/m-p/79583

Addendum

There are no additional comments at this time.


CentOS

Notified:  August 28, 2017 Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://lists.centos.org/pipermail/centos-announce/2017-October/022570.html
https://lists.centos.org/pipermail/centos-announce/2017-October/022569.html

Addendum

There are no additional comments at this time.


Cisco

Notified:  August 28, 2017 Updated:  October 16, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa

Addendum

There are no additional comments at this time.


Cradlepoint

Updated:  October 19, 2017

Statement Date:   October 19, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://knowledgebase.cradlepoint.com/articles/Support/WPA-and-WPA2-Vulnerabilities-KRACK

Addendum

There are no additional comments at this time.


Cypress Semiconductor

Notified:  August 30, 2017 Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://community.cypress.com/docs/DOC-13871

Addendum

There are no additional comments at this time.


D-Link Systems, Inc.

Notified:  August 28, 2017 Updated:  October 20, 2017

Statement Date:   October 19, 2017

Status

  Affected

Vendor Statement

On October 16th, researchers disclosed security vulnerabilities in the widely used standard for Wi-Fi security WPA2 (Wi-Fi Protected Access II) that make it possible for attackers to eavesdrop on Wi-Fi traffic. D-Link has immediately taken actions to investigate this matter. This security concern appears to be an industry-wide issue that will require firmware patches to be provided from the relevant semiconductor chipset manufacturers.

D-Link has requested assistance from the chipset manufacturers. As soon as the firmware patches are received from the chipset manufacturers, we will post them on our websites immediately. Please take the following important actions to help protect your privacy:

1.  It is highly recommended to use encrypted communications protocols such as VPN or HTTPS, especially when delivering confidential information.

2. Check our website regularly for the newest firmware updates.

Vendor References

http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10075

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10075

Addendum

There are no additional comments at this time.


Debian GNU/Linux

Notified:  August 28, 2017 Updated:  October 17, 2017

Statement Date:   October 16, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.debian.org/security/2017/dsa-3999

Addendum

There are no additional comments at this time.


Dell

Notified:  August 28, 2017 Updated:  October 24, 2017

Statement Date:   October 23, 2017

Status

  Affected

Vendor Statement

http://www.dell.com/support/article/SLN307822

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.dell.com/support/article/SLN307822

Addendum

There are no additional comments at this time.


Digi International

Updated:  November 16, 2017

Status

  Affected

Vendor Statement

https://forms.na1.netsuite.com/app/site/hosting/scriptlet.nl?script=457&deploy=2&compid=818164&h=5928a16f2b6f9582b799&articleid=2520

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://forms.na1.netsuite.com/app/site/hosting/scriptlet.nl?script=457&deploy=2&compid=818164&h=5928a16f2b6f9582b799&articleid=2520

Addendum

There are no additional comments at this time.


DrayTek Corporation

Updated:  October 19, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.draytek.com/en/news/news/2017/how-are-draytek-wireless-products-affected-by-the-wpa2-krack-vulnerability/

Addendum

There are no additional comments at this time.


Edimax Computer Company

Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.edimax.com/edimax/post/post/data/edimax/global/response_to_krack/

Addendum

There are no additional comments at this time.


EnGenius

Updated:  October 19, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.engeniustech.com/engenius-advisory-wpa2-krack-vulnerability.html

Addendum

There are no additional comments at this time.


Endian

Updated:  November 01, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://help.endian.com/hc/en-us/articles/115013641427-WPA-and-WPA2-Vulnerability-KRACK-Key-Reinstallation-Attacks-Update

Addendum

There are no additional comments at this time.


Espressif Systems

Notified:  September 22, 2017 Updated:  October 13, 2017

Statement Date:   October 13, 2017

Status

  Affected

Vendor Statement

Our products ESP8266 and ESP32 are affected by the vulnerability identified as VU#228519.

For ESP32, we have made remediation in ESP-IDF v2.1.1 on Github. ESP32 which uses ESP-IDF v2.1.1 or later than v2.1.1 will not be affected by this vulnerability.

For ESP8266, we have updated both RTOS SDK and NONOS SDK on Github on October 13, 2017. ESP8266 which uses RTOS SDK or NONOS SDK after October 13, 2017 will not be affected by this vulnerability.

We strongly recommend that users update their ESP-IDF, ESP8266 RTOS SDK and ESP8266 NONOS SDK to the latest version to avoid being affected by this vulnerability.

For ESP8089 and ESP8689, the supplicant protocol runs on the host side. So, whether they are affected by this vulnerability depends on which host is used. But we also recommend that users update their host to fix this vulnerability.

The updates of ESP-IDF, ESP8266 RTOS SDK and ESP8266 NONOS SDK can be found on the following website:
ESP-IDF: https://github.com/espressif/esp-idf
ESP8266 RTOS SDK: https://github.com/espressif/ESP8266_RTOS_SDK
ESP8266 NONOS SDK: https://github.com/espressif/ESP8266_NONOS_SDK

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://github.com/espressif/esp-idf
https://github.com/espressif/ESP8266_RTOS_SDK
https://github.com/espressif/ESP8266_NONOS_SDK

Addendum

There are no additional comments at this time.


Extreme Networks

Notified:  August 28, 2017 Updated:  October 17, 2017

Statement Date:   October 16, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://extremeportal.force.com/ExtrArticleDetail?n=000018005

Addendum

There are no additional comments at this time.


F-Secure Corporation

Updated:  October 24, 2017

Statement Date:   October 24, 2017

Status

  Affected

Vendor Statement

Status: An automatic firmware update (version 2017-10-23_01 – p1.3.21.26) has been released to all F-Secure SENSE router users

Update available: 23rd October 2017

Security advisory: https://www.f-secure.com/en/web/labs_global/fsc-2017-1

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.f-secure.com/en/web/labs_global/fsc-2017-1

Addendum

There are no additional comments at this time.


Fedora Project

Notified:  August 28, 2017 Updated:  October 17, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://bodhi.fedoraproject.org/updates/FEDORA-2017-60bfb576b7

Addendum

There are no additional comments at this time.


Fortinet, Inc.

Notified:  August 28, 2017 Updated:  October 17, 2017

Statement Date:   October 16, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://docs.fortinet.com/uploaded/files/3961/fortiap-v5.6.1-release-notes.pdf
http://www.fortiguard.com/psirt/FG-IR-17-196

Addendum

There are no additional comments at this time.


FreeBSD Project

Notified:  August 28, 2017 Updated:  October 17, 2017

Statement Date:   October 12, 2017

Status

  Affected

Vendor Statement

FreeBSD users leveraging WPA2 should monitor the FreeBSD-announce mailing list and/or the Security Information webpage (https://www.freebsd.org/security/) for further information regarding how this vulnerability applies to FreeBSD.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.freebsd.org/security/advisories/FreeBSD-SA-17:07.wpa.asc

Addendum

There are no additional comments at this time.


Gentoo Linux

Notified:  August 28, 2017 Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://bugs.gentoo.org/634440

Addendum

There are no additional comments at this time.


Google

Notified:  August 28, 2017 Updated:  November 08, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://source.android.com/security/bulletin/2017-11-01#2017-11-06-details

Addendum

There are no additional comments at this time.


Hewlett Packard Enterprise

Notified:  August 28, 2017 Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://support.hpe.com/hpsc/doc/public/display?sp4ts.oid=null&docLocale=en_US&docId=emr_na-a00029151en_us

Addendum

There are no additional comments at this time.


HostAP

Notified:  August 30, 2017 Updated:  October 16, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://w1.fi/security/2017-1/

Addendum

There are no additional comments at this time.


IPFire Project

Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://planet.ipfire.org/post/krack-attack-patches-are-on-their-way

Addendum

There are no additional comments at this time.


Intel Corporation

Notified:  August 28, 2017 Updated:  October 10, 2017

Statement Date:   October 10, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00101&languageid=en-fr

Addendum

There are no additional comments at this time.

Juniper Networks

Notified:  August 28, 2017 Updated:  October 17, 2017

Statement Date:   August 28, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://kb.juniper.net/JSA10827

Addendum

There are no additional comments at this time.

LANCOM Systems GmbH

Updated:  October 23, 2017

Statement Date:   October 18, 2017

Status

  Affected

Vendor Statement

We have become aware of the flaw early this week on Monday October the 16th and will present our patches on Friday October 20.

LANCOM has delivered the following statement:
https://www.lancom-systems.com/service-support/instant-help/general-safety-information/

We have been able to launch our security packages:
https://www2.lancom.de/kb.nsf/ac96860327f38e46c12572660046f099/bd86ff5908078296c12581bf004c0b23?OpenDocument

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.lancom-systems.com/service-support/instant-help/general-safety-information/
https://www2.lancom.de/kb.nsf/ac96860327f38e46c12572660046f099/bd86ff5908078296c12581bf004c0b23?OpenDocument

Addendum

There are no additional comments at this time.

LEDE Project

Updated:  October 19, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://lede-project.org/releases/17.01/notes-17.01.4

Addendum

There are no additional comments at this time.

LIFX

Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://support.lifx.com/hc/en-us/articles/115005206863

Addendum

There are no additional comments at this time.

Lenovo

Notified:  August 28, 2017 Updated:  November 08, 2017

Statement Date:   October 11, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://support.lenovo.com/ca/en/product_security/len-17420

Addendum

There are no additional comments at this time.

Microchip Technology

Notified:  August 28, 2017 Updated:  October 17, 2017

Statement Date:   October 13, 2017

Status

  Affected

Vendor Statement

For the most updated information about Microchip Wi-Fi products with regards to the WPA2 vulnerabilities, please visit: http://www.microchip.com/design-centers/wireless-connectivity/embedded-wi-fi/wpa2-protocol-vulnerability

Summary:

Microsoft Corporation

Notified:  August 28, 2017 Updated:  October 16, 2017

Statement Date:   October 16, 2017

Status

  Affected

Vendor Statement

Microsoft released a security update on October 10, 2017, and customers who have Windows Update enabled and applied the security updates are protected automatically.

Vendor Information

CVE-2017-13080 describes this vulnerability in affected Microsoft products.

Vendor References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.

Mojo Networks

Updated:  October 19, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.mojonetworks.com/wpa2-vulnerability

Addendum

There are no additional comments at this time.

Nest

Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://nest.com/support/article/KRACK-vulnerability

Addendum

There are no additional comments at this time.

NetBSD

Notified:  August 28, 2017 Updated:  October 17, 2017

Statement Date:   October 17, 2017

Status

  Affected

Vendor Statement

For CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13084 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 aka KRACK Attacks as covered in:
https://www.kb.cert.org/vuls/id/228519/

wpa_supplicant has been patched in our packaging system (pkgsrc):
http://mail-index.netbsd.org/pkgsrc-changes/2017/10/16/msg165381.html
http://mail-index.netbsd.org/pkgsrc-changes/2017/10/17/msg165433.html

And for NetBSD itself, a patch has been committed to the HEAD of the tree & is pending to be merged into the NetBSD/6, 7, 8 branches.
http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://mail-index.netbsd.org/pkgsrc-changes/2017/10/16/msg165381.html
http://mail-index.netbsd.org/pkgsrc-changes/2017/10/17/msg165433.html
http://mail-index.netbsd.org/source-changes/2017/10/16/msg088877.html

Addendum

There are no additional comments at this time.

Netgear, Inc.

Notified:  August 28, 2017 Updated:  October 17, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://kb.netgear.com/000049498/Security-Advisory-for-WPA-2-Vulnerabilities-PSV-2017-2826-PSV-2017-2836-PSV-2017-2837

Addendum

There are no additional comments at this time.

OPNsense

Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://forum.opnsense.org/index.php?topic=6206.0

Addendum

There are no additional comments at this time.

OmniROM

Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://blog.omnirom.org/development/2017/10/17/omni-builds-updated-krack/

Addendum

There are no additional comments at this time.

Open Mesh

Updated:  October 19, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://help.cloudtrax.com/hc/en-us/articles/115001567804-KRACK-Bulletin

Addendum

There are no additional comments at this time.

OpenBSD

Notified:  August 28, 2017 Updated:  October 16, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.

Peplink

Notified:  August 28, 2017 Updated:  October 16, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://forum.peplink.com/t/security-advisory-wpa2-vulnerability-vu-228519/12715

Addendum

There are no additional comments at this time.

Red Hat, Inc.

Notified:  August 28, 2017 Updated:  October 17, 2017

Statement Date:   October 03, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

wpa_supplicant as shipped with Red Hat Enterprise Linux is vulnerable.

Vendor References

https://access.redhat.com/security/vulnerabilities/kracks

Addendum

There are no additional comments at this time.

Riverbed Technologies

Updated:  October 17, 2017

Statement Date:   October 16, 2017

Status

  Affected

Vendor Statement

We would like to report that "Riverbed Xirrus" is affected by the WPA2 handshake vulnerability (VU#228519).

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.

Rockwell Automation

Updated:  October 25, 2017

Statement Date:   October 25, 2017

Status

  Affected

Vendor Statement

https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://rockwellautomation.custhelp.com/app/answers/detail/a_id/1066697

Addendum

There are no additional comments at this time.

Ruckus Wireless

Notified:  August 30, 2017 Updated:  October 18, 2017

Statement Date:   October 17, 2017

Status

  Affected

Vendor Statement

The Ruckus Wireless product is affected.  Patches are in beta/development.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.ruckuswireless.com/security
https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.2.txt
https://ruckus-www.s3.amazonaws.com/pdf/security/faq-security-advisory-id-101617-v1.0.pdf

Addendum

There are no additional comments at this time.

SUSE Linux

Notified:  August 28, 2017 Updated:  October 17, 2017

Statement Date:   October 17, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.suse.com/de-de/support/kb/doc/?id=7022107

Addendum

There are no additional comments at this time.

Samsung Mobile

Notified:  August 28, 2017 Updated:  October 12, 2017

Statement Date:   October 12, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.

Sierra Wireless

Notified:  September 22, 2017 Updated:  October 16, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://source.sierrawireless.com/resources/airlink/software_reference_docs/technical-bulletin/sierra-wireless-technical-bulletin---wpa-and-wpa2-vulnerabilities/

Addendum

There are no additional comments at this time.

Slackware Linux Inc.

Notified:  August 28, 2017 Updated:  October 20, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.slackware.com/changelog/stable.php?cpu=x86_64

Addendum

There are no additional comments at this time.

Sonos

Updated:  October 25, 2017

Statement Date:   October 24, 2017

Status

  Affected

Vendor Statement

Sonos has determined that our speaker products are affected by issues described in the KRACK WPA2 vulnerability announcement.

We are working on a firmware update to address these vulnerabilities and will make it available as soon as testing is complete.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.

Sony Corporation

Updated:  November 08, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://talk.sonymobile.com/t5/Other-Discussions-General/KRACK-attack-on-wifi-WPA2/m-p/1269528

Addendum

There are no additional comments at this time.

Sophos, Inc.

Notified:  September 06, 2017 Updated:  October 23, 2017

Status

  Affected

Vendor Statement

https://community.sophos.com/kb/en-us/127658

Vendor Information

https://community.sophos.com/kb/en-us/127658

Vendor References

https://community.sophos.com/kb/en-us/127658

Addendum

There are no additional comments at this time.

Synology

Updated:  October 17, 2017

Statement Date:   October 17, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.synology.com/en-global/support/security/Synology_SA_17_60_KRACK

Addendum

There are no additional comments at this time.

TP-LINK

Updated:  October 18, 2017

Statement Date:   October 18, 2017

Status

  Affected

Vendor Statement

Recently we have already received feedback about the KRACK vulnerabilities.

After checking the detailed information of this vulnerability, we have found that some of our products are affected by it.
We have published a security advisory on our official website and we are working to solve the problems now.
Here are the links:
Security Advisory: http://www.tp-link.com/en/faq-1970.html
Software updates for the affected devices will be posted at http://www.tp-link.com/support.html over the next few weeks.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.tp-link.com/ph/faq-1970.html
http://www.tp-link.com/support.html

Addendum

There are no additional comments at this time.

Technicolor

Updated:  October 19, 2017

Statement Date:   October 18, 2017

Status

  Affected

Vendor Statement

By making use of a model-based approach, researchers from K.U Leuven University have identified several theoretical flaws in the Wi-Fi Protected Access (WPA) protocol. These weaknesses constitute a new class of attack on the 4-way handshake used in all flavors of WPA/WPA2, named KRACK: Key Reinstallation AttaCK.

This academic research presents an industry-wide issue as all products implementing Wi-Fi are theoretically vulnerable.

In practice, no gateway or modem manufactured by Technicolor, implementing WiFi Access point routing function is affected by this class of attack. This is due to the fact that the vulnerable function allowing practical attack against the Access Point is not present. The end users should continue to use their Technicolor gateway or modem without changing WPA2 settings. In particular, none of these attacks is able to retrieve the WPA private passphrase. This recommendation is also valid for the legacy Thomson and Cisco branded gateways and modems.

The 802.11r standard makes use of a 4-way handshake protocol that was mathematically proven secure by the scientific community. Yet, the research publication exhibits weaknesses in some implementations of this protocol, that can affect the way the client connects to the Access point. For Access Points, the operational impact is very limited. Gateways and modems configured as Wi-Fi Access Point are not potentially concerned, except when supporting Fast BSS Transition handshake introduced with 802.11r standard. Fast BSS Transition handshake is usually not supported on residential gateways and modems, because this feature is intended to minimize roaming time between several access points in a managed network.

Technicolor works constantly to improve security of its products, alongside with the Wi-Fi Alliance. Technicolor remains committed to provide efficient support to its customers and end-users.

Our detailed security bulletins remain reserved for our customers. Customers can contact their Technicolor Customer Technical Support.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.

Texas Instruments

Updated:  November 08, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://e2e.ti.com/support/wireless_connectivity/simplelink_wifi_cc31xx_cc32xx/f/968/t/632869

Addendum

There are no additional comments at this time.

Toshiba Commerce Solutions

Notified:  September 15, 2017 Updated:  October 13, 2017

Statement Date:   October 13, 2017

Status

  Affected

Vendor Statement

Toshiba Global Commerce Solutions Information for VU#228519

Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key reuse

    • Date Notified: 15 Sept 2017
    • Statement Date: 15 October 2017
    • Date Updated:
Status

Affected

Vendor Statement

Toshiba Global Commerce Solutions (TGCS) has reviewed the subject VU#228519 across its full product line and has determined that our SureMark 4610 Printer (Models 1NR, 2CR, 2NR) with Wireless Lan Adapter is affected by this vulnerability. TGCS will release a Security Alert directly to entitled customers and business partners. To reduce the risk of an attack based on this vulnerability, we continue communicating with customers while not making this generally available to others who may have ill intent. With the information in the alert, the customer can determine their own level of risk.

TGCS reminds their customers to update third party operating systems and wireless attachment cards for this vulnerability.

Vendor Information

Toshiba Global Commerce Solution Security Alerts are available in the Toshiba Commerce Portal at www.toshibacommerce.com. An Enterprise ID (EID) is required to access the alerts. If you do not have an EID, please complete the application at Apply for an Enterprise ID. A subscription service is also available. A subscriber will receive an email with a direct link, to quickly access a new alert. To subscribe to future alerts, please visit Notifications for directions. By subscribing to any of the Security Alert folders you consent to notification mailings to the email address associated with your Enterprise ID (EID). You can unsubscribe at any time by visiting Notifications and following the instructions.

Vendor References

http://www.toshibacommerce.com

Addendum

There are no additional comments at this time.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://tgcs04.toshibacommerce.com/cs/idcplg?IdcService=FLD_BROWSE&path=%2fCommunications%2fSecurity%20Alerts&doMarkSubscribed=1
http://www.toshibacommerce.com/
https://www.toshibacommerce.com/forms/anon/org/app/e8ee98aa-3101-4218-8ac3-1d50c734aa99/launch/index.html?form=F_Form1
https://www.toshibacommerce.com/wps/myportal/%21ut/p/a1/rZRNc8IgEIZ_Sw8eGQhJCDmmWr8abW2dqcnFoYQoTiDRRK399UXrrWOtUzgws7A87y6z88IUzmCq2U4uWCNLzYpjnJJ5-ExR_wnhYa-LAxTRid-j3UcHDTB8gylMuW6qZgkToVtoWSrRQlrs6-8dbEQhWC1MyKqNLABGDjlf1YJvN7I5AF4qtdWSn2TrI7J

Addendum

There are no additional comments at this time.

Toshiba Electronic Devices & Storage Corporation

Notified:  August 28, 2017 Updated:  October 16, 2017

Statement Date:   October 16, 2017

Status

  Affected

Vendor Statement

VULNERABILITY FOUND RELATED TO THE GENERATION AND MANAGEMENT OF WPA2 KEY ON CANVIO (STOR.E) WIRELESS PRODUCTS

http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.toshiba-personalstorage.net/en/news/hdd/ot_notice/20171017.htm

Addendum

There are no additional comments at this time.

Toshiba Memory Corporation

Notified:  August 28, 2017 Updated:  October 16, 2017

Statement Date:   October 16, 2017

Status

  Affected

Vendor Statement

Product 1: FlashAir

SDHC/SDXC Memory Card with embedded wireless LAN functionality FlashAir may have a security vulnerability related to the generation and management of WPA2 key (for general customers)
http://www.toshiba-personalstorage.net/news/20171017.htm

SDHC/SDXC Memory Card with embedded wireless LAN functionality FlashAir may have a security vulnerability related to the generation and management of WPA2 key (for enterprises and users of the website for developers "FlashAir Developers")
https://www.toshiba-memory.co.jp/en/company/news/20171017-1.html

Product 2: CANVIO AeroMobile

VULNERABILITY FOUND RELATED TO THE GENERATION AND MANAGEMENT OF WPA2 KEY
http://support.toshiba.com/support/staticContentDetail?contentId=4015875&isFromTOCLink=false

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.toshiba-personalstorage.net/news/20171017.htm
http://support.toshiba.com/support/staticContentDetail?contentId=4015875&isFromTOCLink=false

Addendum

There are no additional comments at this time.

Turris Omnia

Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://forum.turris.cz/t/turris-os-3-8-4-is-out-with-krack-fix/5391

Addendum

There are no additional comments at this time.

Ubiquiti Networks

Notified:  August 28, 2017 Updated:  October 16, 2017

Statement Date:   October 15, 2017

Status

  Affected

Vendor Statement

AmpliFi line products are not affected since firmware v2.4.3. Firmware v2.4.2 is partially affected and all versions prior to that are affected.

All airMAX AC and M series products have fixes for the majority of WPA2 rekeying issues since v8.4.0 (AC series) and v6.0.7 (M series). Additional improvements will fully resolve the issue with v8.4.2/v6.1.2. Furthermore, our proprietary airMAX protocol makes simple attacks more difficult.

References:
https://community.ubnt.com/t5/airMAX-Updates-Blog/airOS-v8-4-0-Has-Been-Released/ba-p/2081100
https://community.ubnt.com/t5/airMAX-Updates-Blog/airOS-v6-0-7-Has-Been-Released/ba-p/2056522

All UniFi Access Point products are not affected by the WPA PTK issues with firmware 3.9.3 and above, but are affected by the 11r/FT issue, where 11r/FT is still in beta.

Reference:
https://community.ubnt.com/t5/UniFi-Updates-Blog/FIRMWARE-3-9-3-7537-for-UAP-USW-has-been-released/ba-p/2099365

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://community.ubnt.com/t5/airMAX-Updates-Blog/airOS-v8-4-0-Has-Been-Released/ba-p/2081100
https://community.ubnt.com/t5/airMAX-Updates-Blog/airOS-v6-0-7-Has-Been-Released/ba-p/2056522
https://community.ubnt.com/t5/UniFi-Updates-Blog/FIRMWARE-3-9-3-7537-for-UAP-USW-has-been-released/ba-p/2099365

Addendum

There are no additional comments at this time.

Ubuntu

Notified:  August 28, 2017 Updated:  October 16, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://usn.ubuntu.com/usn/usn-3455-1/

Addendum

There are no additional comments at this time.

Volumio

Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://volumio.org/forum/changelog-t1575.html

Addendum

There are no additional comments at this time.

Watchguard Technologies, Inc.

Updated:  October 16, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.watchguard.com/wgrd-blog/wpa-and-wpa2-vulnerabilities-update

Addendum

There are no additional comments at this time.

Xiaomi

Notified:  August 28, 2017 Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://en.miui.com/thread-954223-1-1.html

Addendum

There are no additional comments at this time.

Xirrus

Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.xirrus.com/vulnerability-statements/

Addendum

There are no additional comments at this time.

Zebra Technologies

Notified:  September 01, 2017 Updated:  October 30, 2017

Statement Date:   October 30, 2017

Status

  Affected

Vendor Statement

https://www.zebra.com/us/en/support-downloads/lifeguard-security.html

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.zebra.com/us/en/support-downloads/lifeguard-security.html
https://www.zebra.com/content/dam/zebra_new_ia/en-us/support-and-downloads/lifeguard-security/krack-security-bulletin.pdf

Addendum

There are no additional comments at this time.

ZyXEL

Notified:  August 28, 2017 Updated:  October 13, 2017

Statement Date:   October 13, 2017

Status

  Affected

Vendor Statement

Thanks for bringing it to our attention prior to disclosure. We have identified a list of models vulnerable to the issue(s) and are now working on the fixes.

Please find the details here: http://www.zyxel.com/support/announcement_wpa2_key_management.shtml

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.zyxel.com/support/announcement_wpa2_key_management.shtml

Addendum

There are no additional comments at this time.

dd-wrt

Updated:  October 23, 2017

Status

  Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://svn.dd-wrt.com/ticket/6005

Addendum

There are no additional comments at this time.


eero

Updated:  November 01, 2017

Status

  Affected

Vendor Statement

https://blog.eero.com/krack-update-1-fix-beta/

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://blog.eero.com/krack-update-1-fix-beta/

Addendum

There are no additional comments at this time.


pfSENSE

Updated:  October 23, 2017

Statement Date:   October 20, 2017

Status

  Affected

Vendor Statement

The pfSense project is aware of the KRACK WPA2 flaws and we have addressed them in the upcoming 2.4.1 and 2.3.5 releases, due out next week.

Development snapshots of 2.4.1 and 2.3.5 containing fixes for the issue are available for those who need to obtain the corrections before the official release. These snapshots were fixed as soon as corrections were made available from the FreeBSD project upstream on October 17th. A notice was posted to our social media accounts once the fixes were imported and tested.

The official releases of 2.4.1 and 2.3.5 will be announced on our blog at https://www.netgate.com/blog/ and on social media.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://redmine.pfsense.org/issues/7951

Addendum

There are no additional comments at this time.


Arista Networks, Inc.

Notified:  August 28, 2017 Updated:  October 09, 2017

Statement Date:   October 09, 2017

Status

  Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.


Check Point Software Technologies

Notified:  August 28, 2017 Updated:  October 17, 2017

Statement Date:   October 17, 2017

Status

  Not Affected

Vendor Statement

Since this is a client-side attack and we only have Wi-Fi access points in our SMB products, which do not support repeater mode or the 802.11r protocol, we are not vulnerable.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk120938

Addendum

There are no additional comments at this time.


Dell EMC

Notified:  August 28, 2017 Updated:  October 27, 2017

Statement Date:   October 25, 2017

Status

  Not Affected

Vendor Statement

Dell EMC has analyzed the vulnerabilities listed in VU#228519 and has concluded that none of our products are impacted.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://support.emc.com/kb/511474
https://community.rsa.com/docs/DOC-84103

Addendum

There are no additional comments at this time.


F5 Networks, Inc.

Notified:  August 28, 2017 Updated:  October 23, 2017

Status

  Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://support.f5.com/csp/article/K23642330

Addendum

There are no additional comments at this time.


Internet Systems Consortium

Notified:  August 28, 2017 Updated:  October 17, 2017

Statement Date:   October 16, 2017

Status

  Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.


Internet Systems Consortium - DHCP

Notified:  August 28, 2017 Updated:  October 17, 2017

Statement Date:   October 16, 2017

Status

  Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.


MikroTik

Notified:  September 28, 2017 Updated:  October 16, 2017

Statement Date:   October 10, 2017

Status

  Not Affected

Vendor Statement

On October 16, CERT/CC/ICASI released a public announcement about discovered vulnerabilities in WPA2 handshake protocols that affect most WiFi users and all vendors worldwide.

RouterOS v6.39.3, v6.40.4, v6.41rc are not affected!
It is important to note that the vulnerability is discovered in the protocol itself, so even a correct implementation is affected.
These organizations did contact us earlier, so we have already released fixed versions that address the outlined issues. Not all of the discovered vulnerabilities directly impact RouterOS users, or even apply to RouterOS, but we did follow all recommendations and improved the key exchange process according to the guidelines we received from the organizations who discovered the issue.
We released fixed versions last week, so if you upgrade your devices routinely, no further action is required.
CWE-323
CVE-2017-13077
CVE-2017-13078
CVE-2017-13079
CVE-2017-13080
CVE-2017-13081
CVE-2017-13082
CVE-2017-13083
CVE-2017-13084
CVE-2017-13085
CVE-2017-13086
CVE-2017-13087

The following applies to RouterOS software prior to updates related to the issue.

nv2
nv2 is not affected in any way. This applies to both nv2 AP and client. There is no nonce reset in key exchange possible and key re-installation is not possible, because nv2 key exchange does not directly follow the 802.11 key exchange specification.

802.11 nonce reuse
RouterOS is not affected in any way. RouterOS generates a cryptographically strong random initial nonce on boot and never reuses the same nonce during uptime.

802.11 key reinstallation
The device operating as client in key exchange is affected by this issue. This means that RouterOS in station modes and APs that establish WDS links with other APs are affected. RouterOS APs (both standalone and CAPsMAN controlled) that do not establish WDS links with other APs are not affected. Key reinstallation by resending a key exchange frame allows an attacker to reset the encrypted frame packet counter. This allows an attacker to replay frames that were previously sent by the AP to the client. Please note that RouterOS DOES NOT reset the key to some known value that would allow an attacker to inject/decrypt any frames to/from the client.

Suggested course of action
It is always recommended to upgrade to latest RouterOS version, but depending on wireless protocol and mode the suggested course of action is as follows:
- nv2: no action necessary
- 802.11/nstreme AP without WDS: no action necessary
- CAPsMAN: no action necessary
- 802.11/nstreme client (all station modes) or AP with WDS: upgrade to fixed version ASAP.

Vendor Information

Though MikroTik has self-identified as not affected, they have published updates that "improved WPA2 key exchange reliability" (see https://mikrotik.com/download/changelogs).

Vendor References

https://forum.mikrotik.com/viewtopic.php?f=21&t=126695#p623324

Addendum

There are no additional comments at this time.


SonicWall

Updated:  October 19, 2017

Status

  Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

https://www.sonicwall.com/en-us/support/product-notification/wpa2-krack-exploit-a-sonicwall-alert

Addendum

There are no additional comments at this time.


VMware

Notified:  August 28, 2017 Updated:  October 16, 2017

Statement Date:   October 13, 2017

Status

  Not Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.


3com Inc

Notified:  August 30, 2017 Updated:  August 30, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


ACCESS

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


ARRIS

Notified:  October 16, 2017 Updated:  October 16, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


AT&T

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Acer

Updated:  November 08, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.


Alpine Linux

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Amazon

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Atheros Communications, Inc.

Notified:  August 30, 2017 Updated:  August 30, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Avaya, Inc.

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Barnes and Noble

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Belkin, Inc.

Notified:  August 28, 2017 Updated:  October 19, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://community.wemo.com/t5/News-and-Announcements/KRACK-Vulnerability/td-p/41264
https://community.linksys.com/t5/Wireless-Routers/KRACK-Vulnerability/td-p/1218573

Addendum

There are no additional comments at this time.


BlackBerry

Notified:  October 13, 2017 Updated:  October 13, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Blue Coat Systems

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Brocade Communication Systems

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


CA Technologies

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


CMX Systems

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Contiki OS

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


CoreOS

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


DesktopBSD

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Devicescape

Notified:  August 30, 2017 Updated:  August 30, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


DragonFly BSD Project

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


ENEA

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


EfficientIP SAS

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Ericsson

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


European Registry for Internet Domains

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Force10 Networks

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Foundry Brocade

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


GNU adns

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


GNU glibc

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


HTC

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


HardenedBSD

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Hitachi

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Honeywell

Updated:  November 08, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.


Huawei Technologies

Notified:  August 22, 2017 Updated:  August 22, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


IBM, INC.

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Infoblox

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


JH Software

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Joyent

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Kyocera Communications

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


LG Electronics

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Lantronix

Notified:  October 02, 2017 Updated:  October 10, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.


Lynx Software Technologies

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Marvell Semiconductor

Notified:  September 18, 2017 Updated:  September 25, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.


McAfee

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


MediaTek

Notified:  August 30, 2017 Updated:  August 30, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Medtronic

Notified:  August 30, 2017 Updated:  August 30, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Motorola, Inc.

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


NEC Corporation

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


NLnet Labs

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Nexenta

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Nokia

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Nominum

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


OmniTI

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


OpenDNS

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


OpenIndiana

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Openwall GNU/*/Linux

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Oracle Corporation

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Oryx Embedded

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Philips Electronics

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


PowerDNS

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


Pulse Secure

Notified:  August 30, 2017 Updated:  August 30, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


QNX Software Systems Inc.

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


QUALCOMM Incorporated

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Quadros Systems

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Quantenna Communications

Notified:  September 18, 2017 Updated:  September 18, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

ReactOS

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Redpine Signals

Notified:  September 18, 2017 Updated:  September 25, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.

Rocket RTOS

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

SafeNet

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Secure64 Software Corporation

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

SmoothWall

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Snort

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Sony Corporation

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Sourcefire

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Stryker

Notified:  August 30, 2017 Updated:  September 25, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.

Symantec

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

TCPWave

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

TippingPoint Technologies Inc.

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Tizen

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

TrueOS

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Turbolinux

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Unisys

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Welch Allyn

Notified:  August 30, 2017 Updated:  September 25, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Addendum

There are no additional comments at this time.

Wind River

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

WizNET Technology

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Xilinx

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

Zephyr Project

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

dnsmasq

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

gdnsd

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.

m0n0wall

Notified:  August 28, 2017 Updated:  August 28, 2017

Status

  Unknown

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Addendum

There are no additional comments at this time.


CVSS Metrics

Group          Score  Vector
Base           5.4    AV:A/AC:M/Au:N/C:P/I:P/A:P
Temporal       4.9    E:POC/RL:ND/RC:C
Environmental  5.7    CDP:ND/TD:H/CR:H/IR:H/AR:ND

Credit

Thanks to Mathy Vanhoef of the imec-DistriNet group at KU Leuven for reporting these vulnerabilities. Mathy thanks John A. Van Boxtel for finding that wpa_supplicant v2.6 is also vulnerable to CVE-2017-13077. The CERT/CC also thanks ICASI for their efforts to facilitate vendor collaboration on addressing these vulnerabilities.

This document was written by Joel Land.

Other Information

CVE IDs: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
Date Public: 2017-10-16
Date First Published: 2017-10-16
Date Last Updated: 2017-11-16 16:37 UTC
Document Revision: 142

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.