KRACK WPA Exploit - Important Read: Responses from Vendors

KRACK (Key Reinstallation Attack) - Vendors quick to respond and patch critical WPA flaw


We've aggregated all the responses from vendors/manufacturers to keep you in the loop with regards to the recent 'KRACK Attack' exploit (relating to WPA wireless encryption), and below is the latest info from each vendor:



TP-Link is aware of vulnerabilities in the WPA2 security protocol that affect some TP-Link products. An attacker within wireless range of a Wi-Fi network can exploit these vulnerabilities using key reinstallation attacks (KRACKs). According to the research paper on KRACKs by Mathy Vanhoef that brought this vulnerability to the attention of vendors, the attack targets the WPA2 handshake and does not exploit access points, but instead targets clients. All vulnerabilities can be fixed through software updates since the issues are related to implementation flaws.


TP-Link has been working to solve this problem and will continue to post software updates at: www.tp-link.com/support.html. Products with TP-Link Cloud enabled will receive update notifications in the web management interface, Tether App or Deco App automatically.


More information about KRACK can be found through the link: https://www.krackattacks.com.


Note that the following two conditions must exist in order for the KRACK vulnerability to be exploited:

  • Physical Proximity: An attack can only happen when an attacker is in physical proximity to and within wireless range of your network.
  • Time Window: An attack can only happen when a client device is connecting or reconnecting to a Wi-Fi network.


Unaffected TP-Link products:

All powerline adapters

All mobile Wi-Fi products

Routers and gateways working in their default mode (Router Mode) and AP Mode

Range extenders working in AP Mode

Business Wi-Fi EAP series access points working on AP mode


Affected TP-Link products:

Routers working in Repeater Mode/WISP Mode/Client Modeļ¼š

TL-WR940N with firmware version 3.17.1 Build 170717 Rel.55495n or earlier (Hardware Version 3.0 or earlier not affected)

TL-WR841Nv13 with firmware version 0.9.1 4.16 v0348.0 Build 170814 Rel.59214n or earlier (Hardware Version 12.0 or earlier not affected)

TL-WR840N with firmware version 0.9.1 4.16 v019a.0 Build 170524 Rel.56478n or earlier (Hardware Version 2.0 or earlier not affected)

TL-WR941HP with firmware version 3.16.9 Build 20170116 Rel.50912n or earlier

TL-WR841HP with firmware version 3.16.9 Build 160612 Rel.67073n or earlier

TL-WR902AC with firmware version 3.16.9 Build 20160905 Rel.61455n or earlier

TL-WR802N with firmware version 0.9.1 3.16 v0188.0 Build 170705 Rel.34179n or earlier

TL-WR810N with firmware version 3.16.9 Build 160801 Rel.57365n or earlier

Routers with WDS function enabled (disabled by default) may be affected. Refer to the FAQ to learn how to check if WDS is enabled on your router. 


Range Extenders working in Repeater Mode during a WPA2 handshake that is initiated only when connecting or reconnecting to a router:

TL-WA850RE with firmware version 1.0.0 Build 20170609 Rel.34153 or earlier

TL-WA855RE with firmware version 1.0.0 Build 20170609 Rel.36187 or earlier

TL-WA860RE with firmware version 1.0.0 Build 20170609 Rel.38491 or earlier

RE200 with firmware version 1.1.3 Build 20170818 Rel.58183 or earlier

RE210 with firmware version 3.14.2 Build 160623 Rel.43391n or earlier

RE305 with firmware version 1.0.0 Build 20170614 Rel.42952 or earlier

RE450 with firmware version 1.0.2 Build 20170626 Rel.60833 or earlier

RE500 with firmware version 1.0.1 Build20170210 Rel.59671 or earlier

RE650 with firmware version 1.0.2 Build 20170524 Rel.58598 or earlier


Wireless Adapters:

Archer T6E

Archer T9E


Whole Home Wi-Fi System:

Deco M5 with firmware version 1.1.5 Build 20170820 Rel.62483 or earlier


Business VPN Router/CPE/WBS/CAP:

CAP300 with firmware version 1.1.0 Build 20170601 Rel.60253 or earlier

CAP300-Outdoor with firmware version 1.1.0 Build 20170601 Rel.60212 or earlier

CAP1750 with firmware version 1.1.0 Build 20170601 Rel.60196 or earlier

CAP1200 with firmware version 1.0.0 Build 20170801 Rel.61314 or earlier

TL-ER604W with firmware version 1.2.0 Build 20160825 Rel.45880 or earlier

CPE520 with firmware version 2.1.6 Build 20170908 Rel.45234 or earlier

CPE610 with firmware version 2.1.5 Build 20170830 Rel. 58245 or earlier

CPE510 with firmware version 2.1.6 Build 20170908 Rel. 45233 or earlier

CPE220 with firmware version 2.1.6 Build 20170908 Rel. 45233 or earlier

CPE210 with firmware version 2.1.6 Build 20170908 Rel. 45234 or earlier

WBS210 with firmware version 2.1.0 Build 20170609 Rel. 57434 or earlier

WBS510 with firmware version 2.1.6 Build 20170908 Rel. 45234 or earlier


Smart home devices:

Smart Plugs and Switch: HS100, HS105, HS110, HS200

Smart Bulbs: LB100, LB110, LB120, LB130, LB200, LB230

Smart Repeater with Plugs: RE350K, RE270K, RE370K

Cameras: NC250, NC260, NC450, KC120


How to protect your devices

Until a software update is available to eliminate the vulnerability for your product, it is recommended to take the following precautions:

For wireless routers: Make sure your routers are in Router Mode or AP Mode, and patch the operating system of your smartphones, tablets and computers.

For wireless adapters: Patch the operating system of your computers.

Microsoft security update: Microsoft has fixed such security issues as mentioned in https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080


TP-Link has been working on affected models and will release firmware over the next few weeks on our official website.


Associated CVE identifiers

The following Common Vulnerabilities and Exposures (CVE) identifiers have been assigned to track which products are affected by specific types of key reinstallation attacks:


  • CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake
  • CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake
  • CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake
  • CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake
  • CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
  • CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it
  • CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake
  • CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
  • CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
  • CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame


Disclaimer

WPA2 vulnerabilities will remain if you do not take all recommended actions. TP-Link will not bear any responsibility for consequences that could have been avoided by following the recommendations in this statement.



On October 16. CERT/CC/ICASI released a public announcement about discovered vulnerabilities in WPA2 handshake protocols that affect most WiFi users and all vendors world wide. 


RouterOS v6.39.3, v6.40.4, v6.41rc are not affected!
It is important to note that the vulnerability is discovered in the protocol itself, so even a correct implementation is affected. 

These organizations did contact us earlier, so we have already released fixed versions that address the outlined issues. Not all of the discovered vulnerabilities directly impact RouterOS users, or even apply to RouterOS, but we did follow all recommendations and improved the key exchange process according to the guidelines we received from the organizations who discovered the issue. 

We released fixed versions last week, so if you upgrade your devices routinely, no further action is required.
CWE-323
CVE-2017-13077
CVE-2017-13078
CVE-2017-13079
CVE-2017-13080
CVE-2017-13081
CVE-2017-13082
CVE-2017-13084
CVE-2017-13086
CVE-2017-13087
CVE-2017-13088

The following applies to RouterOS software prior to updates related to the issue.

nv2
nv2 is not affected in any way. This applies to both - nv2 AP and client. There is no nonce reset in key exchange possible and key re-installation is not possible, because nv2 key exchange does not directly follow 802.11 key exchange specification.

802.11 nonce reuse
RouterOS is not affected in any way, RouterOS generates cryptographically strong random initial nonce on boot and never reuses the same nonce during uptime.

802.11 key reinstallation
The device operating as client in key exchange is affected by this issue. This means that RouterOS in station modes and APs that establish WDS links with other APs are affected. RouterOS APs (both - standalone and CAPsMAN controlled), that do not establish WDS links with other APs, are not affected. Key reinstallation by resending key exchange frame allows attacker to reset encrypted frame packet counter. This allows attacker to replay frames that where previously sent by AP to client. Please note that RouterOS DOES NOT reset key to some known value that would allow attacker to inject/decrypt any frames to/from client.

Suggested course of action
It is always recommended to upgrade to latest RouterOS version, but depending on wireless protocol and mode the suggested course of action is as follows:
- nv2: no action necessary
- 802.11/nstreme AP without WDS: no action necessary
- CAPsMAN: no action necessary
- 802.11/nstreme client (all station modes) or AP with WDS: upgrade to fixed version ASAP.

For AP devices:

ModeCourse of action
nv2No upgrade necessary
nstremeNo upgrade necessary
WiFiNo upgrade necessary
CAPsMAN WiFiNo upgrade necessary
WDS WiFi/nstremeUpgrade required


For CPE devices (MikroTik Station mode):

ModeCourse of action
nv2No upgrade necessary
WiFiUpgrade required
nstremeUpgrade required




At Ubiquiti Networks we take security very seriously, and realize that it is of utmost importance to our customers. Today (10/18/17), a vulnerability was published about WPA2 encrypted networks, the currently known secure form of encryption available to protect WiFi devices. We have been working with Jouni Malinen, the original author of hostap, as well as other industry leaders in security, to roll out a stable firmware in time for the public disclosure. For more information on the KRACK vulnerability, click here.  

IMPORTANT
Please note that this vulnerability affects WiFi client devices more specifically than access point devices. We strongly recommend that all users check with relevant mobile device, laptop, and IoT manufacturers for firmware updates resolving the KRACK issue in their devices.


To ensure our customers are protected, we have released firmware for UniFi Access Points that resolves this vulnerability for all users using the wireless uplink feature. This firmware is immediately available, and can be downloaded in our UniFi Updates Blog. It has been pushed to all recent 5.6.x controller builds, as well as on our community blog. We will be rolling out to other controllers in the near future.


See our table below for a list of UniFi devices that need to have a firmware update because of the WPA-PSK KRACK vulnerabilities, and the ones that don't. The patched firmware is version 3.9.3.7537 released on October 16th, 2017. Any version prior to that is potentially vulnerable.


UNAFFECTED DEVICES THAT DO NOT REQUIRE A FIRMWARE UPDATE

UAP-AC

UAP-AC v2

UAP-AC-Outdoor


DEVICES THAT NEED FIRMWARE UPDATE

UAP-AC-LITE
UAP-AC-LR
UAP-AC-PRO
UAP-AC-M
UAP-AC-M-PRO
UAP-AC-IW
UAP-AC-IW-PRO

Firmware Download: https://dl.ubnt.com/unifi/firmware/U7PG2/3.9.3.7537/BZ.qca956x.v3.9.3.7537.171013.1101.bin


UAP-AC-HD
UAP-AC-SHD

Firmware Download: https://dl.ubnt.com/unifi/firmware/U7HD/3.9.3.7537/BZ.ipq806x.v3.9.3.7537.171013.1055.bin


UAP
UAP-LR
UAP-Outdoor
UAP-Outdoor5

Firmware Download: https://dl.ubnt.com/unifi/firmware/BZ2/3.9.3.7537/BZ.ar7240.v3.9.3.7537.171013.1042.bin


UAP v2
UAP-LR v2

Firmware Download: https://dl.ubnt.com/unifi/firmware/U2Sv2/3.9.3.7537/BZ.qca9342.v3.9.3.7537.171013.1042.bin


UAP-PRO

Firmware Download: https://dl.ubnt.com/unifi/firmware/U7P/3.9.3.7537/BZ.ar934x.v3.9.3.7537.171013.1042.bin


UAP-Outdoor+



UAP-IW


AmpliFi 
AmpliFi line products are not affected since firmware v2.4.3.
Firmware v2.4.2 is partially affected and all versions prior to that are affected.

airMAX
Released: find below the fully patched firmware versions for AC (v8.4.2) and M (v6.1.2) airMAX devices. Note: our proprietary airMAX protocol makes simple attacks more difficult.

References:

UniFi Video
Wired cameras are not affected. Wireless cameras (UVC-Micro / G3-Micro) are not vulnerable to MitM attacks due to complete encryption and mutual certificate authentication of NVR traffic implemented in version 3.8.0+.

Additionally, as of firmware release v3.8.61 (included with UniFi Video Controller v3.8.2), all wireless cameras have also been patched against the KRACK exploit for added security. Upgrading to UniFi Video v3.8.2 is recommended so that wireless cameras are upgraded and receive the patch.

Comments