Zyxel security advisory for the key management vulnerabilities of WPA2 protocol
Zyxel
is aware of the recently found key management vulnerabilities of the WiFi Protected
Access II (WPA2) security protocol, as identified in US-CERT vulnerability note VU#228519, with the vulnerability IDs listed in table 1.
What are the vulnerabilities?
These vulnerabilities affect wireless products that connect to WiFi networks n different ways, depending on the role of products as WiFi clients or servers, as described in table 1 below.
Table 1.
Type of attack |
CVE IDs |
Devices impacted |
4-way handshake |
WiFi clients |
|
Group-key handshake |
WiFi clients |
|
802.11r Fast-BSS Transition (FT) |
Access points |
|
Peer-key handshake |
WiFi clients |
It is important to note that an attacker has to be physically nearby and is within the wireless range to exploit these weaknesses.[1]
Please see: https://www.krackattacks.com/#details for more technical information.
We have conducted a thorough investigation and Nebula Access Points are immune from above CVE vulnerabilities.
For more information and technical details regarding the vulnerabilities please see below references:
1. US-CERT VU note: https://www.kb.cert.org/vuls/id/228519/
2. Disclosure by by Mathy Vanhoef of imec-DistriNet of KU Leuven: https://www.krackattacks.com/
Categories
- All Categories
- 385 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 75 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 908 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 335 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 886 Nebula FAQ
- 415 Security FAQ
- 228 Switch FAQ
- 200 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 63 Security Highlight