Wireless Access

Moderator

WPA2 Vulnerability Discussion

Let's use this thread for discussion and Q&A on the industry-wide WPA2 vulnerability (http://www.arubanetworks.com/support-services/security-bulletins). We'll have people monitoring throughout the week.

 

I also want to call your attention to some new RFProtect features that were added to ArubaOS in order to help detect the attack.  This is new enough that the technical documentation hasn't been updated yet - but the attached PDF should help.

---
Jon Green, ACMX, CISSP
Security Guy
Occasional Contributor II

Re: WPA2 Vulnerability Discussion

Hi Jon,

 

Can I assume that there is no impact on corporate networks that are using EAP-TLS? Or are these connections vulnerable as well?

----------------------------------------------------------------------------------------
Aruba ACCX #748, ACDX #758, ACMP, ACEAP | HPE Master ASE
Moderator

Re: WPA2 Vulnerability Discussion

Both WPA2-PSK and WPA2-Enterprise are affected by this, so even if using EAP-TLS it's still a problem.  Have a look at the FAQ.

---
Jon Green, ACMX, CISSP
Security Guy
Occasional Contributor I

Re: WPA2 Vulnerability Discussion

Hi jgreen,

 

Thanks for opening this topic. In my case, I would need Aruba Instant 6.5.3.3, but that has already been available since October 10th on the support website, and I can't find anything about the WPA2 vulnerability or bug ID 168101 in the release notes. Any chance I'm missing something?


Kind regards

 

 

Moderator

Re: WPA2 Vulnerability Discussion

When all of the fixed versions of software were posted, the vulnerabilities were not yet public.  So the release notes do not mention them.  Now that the vulnerabilities are public, the release notes will be revised.

---
Jon Green, ACMX, CISSP
Security Guy
Occasional Contributor I

Re: WPA2 Vulnerability Discussion

Great, thanks for the quick response!

Moderator

Re: WPA2 Vulnerability Discussion

Question asked through email: "Is OKC affected in the same way as 802.11r?"  Answer: no.  The FT handshake defined in 802.11r is the source of CVE-2017-13082.  OKC doesn't use that.

---
Jon Green, ACMX, CISSP
Security Guy
Occasional Contributor I

Re: WPA2 Vulnerability Discussion

Will there be a list of patched clients - i.e. clients/OSes that have a patch for this? It would be great to cover how Windows 7, 8, 8.1, 10, Apple macOS Sierra, High Sierra, OSX, Linux Mint, Debian, Ubuntu, Android under Samsung, HTC, Sony, and iPhone iOS 9, 10, 11 handle this.

 

Geir


Re: WPA2 Vulnerability Discussion


jgreen wrote:

Question asked through email: "Is OKC affected in the same way as 802.11r?"  Answer: no.  The FT handshake defined in 802.11r is the source of CVE-2017-13082.  OKC doesn't use that.


That is good to know, thanks!


ACMX#255 | ACDX#742 | ACCX#746 | AMFX#25 | ACMP | ACCP | AWMP
www.securelink.nl
Moderator

Re: WPA2 Vulnerability Discussion


Geir wrote:

Will there be a list of patched clients - i.e. clients/OSes that have a patch for this? It would be great to cover how Windows 7, 8, 8.1, 10, Apple macOS Sierra, High Sierra, OSX, Linux Mint, Debian, Ubuntu, Android under Samsung, HTC, Sony, and iPhone iOS 9, 10, 11 handle this.

 

Geir



I will do my best to compile that list - right now unfortunately I don't have any information on it.  If people want to add client info to this thread as it comes in, that would be welcome!

---
Jon Green, ACMX, CISSP
Security Guy