Zyxel security advisory for FragAttacks against WiFi products

2»

Comments

  • mMontana
    mMontana Posts: 1,380  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary

    On support site this is the status of this device.
    A patch is coming for the issue or not? It's almost 180 days that Zyxel is stalling without publishing a patch for this vulnerability.
    And feels sad to me if the button "postpone" was pushed enough long to put these devices out of support.
  • Zyxel_Richard
    Zyxel_Richard Posts: 254  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - WLAN Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - Security
    Hi, 

    After several negotiations, we confirm that there’s no further update patch about NWA1123ACv2. The latest information has been published in the official website (https://www.zyxel.com/support/FragAttacks_against_WiFi_products.shtml)

    Although there’s no patch for this, you can still keep using your existing NWA1123ACv2. Since the FragAttack is a well-known issue, it still requires specific condition like "Man-in-the-Middle" (MITM) which is hard to achieve in the real life.

    By following our guidelines in the original post , you can ensure strong enough security for your SSIDs and network, and keep using it without problem.

    Best regards,
    Richard
  • mMontana
    mMontana Posts: 1,380  Guru Member
    50 Answers 1000 Comments Friend Collector Fifth Anniversary
    I've seen the outcome become this one at least 3 months ago.
    Is obvious that i'm unsatisfied by the answer. Moreover, one thing that I hope Zyxel will consider into the future for have a thinner lineup of APs, for having a better and long lasting support.

    Now i must rule out completely NWA1123vwhatever for suggestions to my customers. Especially the ones burnt by lack of security updates. This looks to me that the 6.10 P8 will be the last firmware available.

    I hope to find the next wave of products more interesting ;).

    Next destination: WPA3 compliant devices.