Toshiba Memory Corporation Information for VU#228519

Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse

Status

Affected

Vendor Statement

Product 1: FlashAir

SDHC/SDXC Memory Card with embedded wireless LAN functionality FlashAir may have a security vulnerability related to the generation and management of WPA2 key (for general customers)
http://www.toshiba-personalstorage.net/news/20171017.htm

SDHC/SDXC Memory Card with embedded wireless LAN functionality FlashAir may have a security vulnerability related to the generation and management of WPA2 key (for enterprises and users of the website for developers ESC$B!HESC(BFlashAir DevelopersESC$B!IESC(B)
https://www.toshiba-memory.co.jp/en/company/news/20171017-1.html

Product 2: CANVIO AeroMobile

VULNERABILITY FOUND RELATED TO THE GENERATION AND MANAGEMENT OF WPA2 KEY
http://support.toshiba.com/support/staticContentDetail?contentId=4015875&isFromTOCLink=false

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

http://www.toshiba-personalstorage.net/news/20171017.htm
http://support.toshiba.com/support/staticContentDetail?contentId=4015875&isFromTOCLink=false

Addendum

There are no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.