Wireless Access

last person joined: 20 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Aruba access points and Kr00k

This thread has been viewed 2 times

  • 1.  Aruba access points and Kr00k

    Posted Feb 27, 2020 02:23 PM

    Are any of Aruba's access points vulnerable to Kr00k? This vulnerability involves Broadcom and Cypress Wi-Fi components.

     



  • 2.  RE: Aruba access points and Kr00k

    MVP GURU
    Posted Feb 27, 2020 02:26 PM

    See this document for more information. From the looks of it, Aruba APs were not on the list: https://www.welivesecurity.com/wp-content/uploads/2020/02/ESET_Kr00k.pdf

     



  • 3.  RE: Aruba access points and Kr00k

    Posted Feb 27, 2020 05:43 PM

    Looks like that same PDF isn't an exhaustive list of all vulnerabilities -- it would be good for Aruba to officially confirm which APs are/are not vulnerable.



  • 4.  RE: Aruba access points and Kr00k

    MVP GURU
    Posted Feb 27, 2020 05:47 PM

    Yea. I think some of the AP-200 series APs have Broadcom chips, and the AP-300 Series are Qualcom.



  • 5.  RE: Aruba access points and Kr00k

    EMPLOYEE
    Posted Feb 27, 2020 05:51 PM

    If and when Aruba Confirms any security issues, they will appear here:  https://www.arubanetworks.com/support-services/security-bulletins/

     

    There is also a link on that page to sign up for alerts.