Update 1/5/2018 - Please upgrade to console server firmware version 4.1.1. This patches any vulnerabilities related to KRACK Attacks.
A vulnerability has been discovered in the WPA/WPA2 protocol used to secure Wi-Fi communications. By exploiting a bug in the Wi-Fi client's 4-way handshake code to install weak encryption keys, an attacker within Wi-Fi range may replay arbitrary packets and eavesdrop on communications.
Opengear IM7200, ACM5504-5-G-W-I and ACM5003-W(-E) are affected. Opengear is currently investigating a fix.
To mitigate, ensure traffic sent over Wi-Fi is via a secure protocol such as SSH or HTTPS, or is tunnelled inside VPN such as IPsec or OpenVPN.
The following CVEs have been assigned to specific instantiations of the attack: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
For more information on the vulnerability, see: https://www.krackattacks.com
Comments
0 comments
Article is closed for comments.