Wireless Access


Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.

CVE-2023-52424 impact

  • 1.  CVE-2023-52424 impact

    Posted 11 days ago

     CVE-2023-52424 has been announced.
    NVD

    Awaiting Analysis
    The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unintended or untrusted network with Home WEP, Home WPA3 SAE-loop. Enterprise 802.1X/EAP, Mesh AMPE, or FILS, aka an "SSID Confusion" issue.



    Please tell us about the impact on Aruba APs and, if there is a release plan, when will a patch be provided?



    ------------------------------
    asakai
    asakai@wi2.co.jp
    ------------------------------


  • 2.  RE: CVE-2023-52424 impact

    EMPLOYEE
    Posted 11 days ago

    The Security main page is here.

    Security advisories and bulletins are posted here.

    Check the Product Security Incident Response Policy (on the first link) for more information on if/when you can expect information or how to get information.

    My personal quick analysis is that this report refers to an 802.11 protocol 'flaw' where clients can be tricked with modified beacons to connect to another network where the attacker must be able to have access to the access credentials (RADIUS server cert, SAE/PSK, and/or user password); and this could be fixed on the client side (or in the protocol). Wireless IDS signatures may be able to detect this attack, but only when the attack happens within the reach of the deployed network. Note this is not an official Aruba or HPE response, it's my personal observation after quickly scanning through the research paper by Héloïse Gollier and Mathy Vanhoef.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------
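
Added example, not part of the thread and not Aruba or HPE code: one way a wireless IDS sensor could check captured beacons for the SSID mismatch the reply above describes. The inventory, SSID names, MAC addresses and the rule itself (a managed BSSID advertising an SSID it is not provisioned for) are assumptions made for illustration.

```python
import struct

# Assumed inventory (constructed values): BSSID -> SSID each managed radio is provisioned to send.
INVENTORY = {"02:00:00:aa:bb:01": "CorpNet", "02:00:00:aa:bb:02": "GuestNet"}

def parse_beacon(frame: bytes):
    """Return (bssid, ssid) from a raw beacon/probe response (no radiotap, no FCS), else None."""
    if len(frame) < 36:
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in (5, 8):   # management: probe response (5), beacon (8)
        return None
    bssid = ":".join(f"{b:02x}" for b in frame[16:22])   # address 3
    pos = 36   # 24-byte MAC header + 12 bytes of fixed parameters
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        body = frame[pos + 2:pos + 2 + length]
        if len(body) < length:
            return None   # truncated element
        if tag == 0:   # SSID element
            return bssid, body.decode("utf-8", errors="replace")
        pos += 2 + length
    return None

def check(frame: bytes, inventory=INVENTORY):
    """Return an alert string when a managed BSSID advertises an unexpected SSID, else None."""
    parsed = parse_beacon(frame)
    if parsed is None:
        return None
    bssid, ssid = parsed
    expected = inventory.get(bssid)
    if expected is None or ssid.strip("\x00") == "":   # unmanaged radio or hidden SSID
        return None
    if ssid != expected:
        return f"ALERT {bssid} advertises {ssid!r}, provisioned for {expected!r}"
    return None

def sample_beacon(bssid: str, ssid: str) -> bytes:
    """Build constructed test input: a minimal beacon carrying only an SSID element."""
    mac = bytes.fromhex(bssid.replace(":", ""))
    header = b"\x80\x00\x00\x00" + b"\xff" * 6 + mac + mac + b"\x00\x00"
    fixed = b"\x00" * 8 + struct.pack("<HH", 100, 0x0011)
    name = ssid.encode()
    return header + fixed + bytes([0, len(name)]) + name

if __name__ == "__main__":
    for b, s in [("02:00:00:aa:bb:01", "CorpNet"), ("02:00:00:aa:bb:02", "CorpNet")]:
        print(check(sample_beacon(b, s)))
```

As the reply notes, a sensor can only raise this alert when the modified beacons are transmitted within its range.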