Zyxel security advisory for the key management vulnerabilities of WPA2 protocol
Zyxel
is aware of the recently found key management vulnerabilities of the WiFi Protected
Access II (WPA2) security protocol, as identified in US-CERT vulnerability note VU#228519, with the vulnerability IDs listed in table 1.
What are the vulnerabilities?
These vulnerabilities affect wireless products that connect to WiFi networks n different ways, depending on the role of products as WiFi clients or servers, as described in table 1 below.
Table 1.
Type of attack |
CVE IDs |
Devices impacted |
4-way handshake |
WiFi clients |
|
Group-key handshake |
WiFi clients |
|
802.11r Fast-BSS Transition (FT) |
Access points |
|
Peer-key handshake |
WiFi clients |
It is important to note that an attacker has to be physically nearby and is within the wireless range to exploit these weaknesses.[1]
Please see: https://www.krackattacks.com/#details for more technical information.
We have conducted a thorough investigation and Nebula Access Points are immune from above CVE vulnerabilities.
For more information and technical details regarding the vulnerabilities please see below references:
1. US-CERT VU note: https://www.kb.cert.org/vuls/id/228519/
2. Disclosure by by Mathy Vanhoef of imec-DistriNet of KU Leuven: https://www.krackattacks.com/
Categories
- All Categories
- 396 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 86 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 915 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 419 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight