Microchip Technology Information for VU#228519
Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse
- Vendor Information Help Date Notified: 28 Aug 2017
- Statement Date: 13 Oct 2017
- Date Updated: 17 Oct 2017
For the most updated information about Microchip Wi-Fi products with regards to the WPA2 vulnerabilities , please visit: http://www.microchip.com/design-centers/wireless-connectivity/embedded-wi-fi/wpa2-protocol-vulnerability
- ATWINC15x0 based products (IC & Modules ) are affected by this vulnerability – Updated FW with fixes is available here: http://www.microchip.com/wwwproducts/en/ATWINC1500
- RN131 / RN171 based products are affected by this vulnerability – Updated FW (4.82) will be available by 10/31 and will be published here: http://www.microchip.com/wwwproducts/en/RN171
- ATWILC1000 & ATWILC3000 based products (IC & Modules) for Linux systems – WPA2 implementation resides on the Host MPU and not on the wireless device. We highly recommend our customers to integrate the latest patches available to ensure their systems are protected.
We are not aware of further vendor information regarding this vulnerability.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.