Summary

A WiFi vulnerability issue has been published that affects WPA and WPA2 authentication. It is possible for an attacker within range of a WiFi access point to intercept data sent between a WiFi client and an Access Point using a Key Reinstallation Attack (named KRACK by its authors).

Cradlepoint is incorporating a patch that addresses this vulnerability and expects to release NetCloud OS 6.4.2 Tuesday, October 31, 2017.

 

What is it?

The Key Reinstallation Attack was published earlier this week by Belgian researchers. It allows attackers within range of a WiFi access point the ability to monitor data sent between a WiFi client and an Access Point.

Our analysis of this exploit is that Cradlepoint router AP functionality is not at risk, but WiFi-as-WAN and WiFi Client functionality is at risk. Along with our Wireless driver vendors and WiFi Authentication services, we are updating our routers to mitigate this issue.

For more information, please see

  1. http://www.kb.cert.org/vuls/id/228519
  2. https://www.krackattacks.com

 

The related CVEs are:

 

CVE-2017-13077 Reinstallation of the pairwise key in the Four-way handshake
CVE-2017-13078 Reinstallation of the group key in the Four-way handshake
CVE-2017-13079 Reinstallation of the integrity group key in the Four-way handshake
CVE-2017-13080 Reinstallation of the group key in the Group Key handshake
CVE-2017-13081 Reinstallation of the integrity group key in the Group Key handshake
CVE-2017-13082 Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it
CVE-2017-13084 Reinstallation of the STK key in the PeerKey handshake
CVE-2017-13086 Reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
CVE-2017-13087 Reinstallation of the group key (GTK) when processing a Wireless Network Management

(WNM) Sleep Mode Response frame

CVE-2017-13088 Reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame

 

What Cradlepoint devices are affected?

All currently supported products that support WiFi are affected.

AER COR OTHERS
AER3100 IBR1100 MBR1200B
AER2100 IBR900
AER1600 IBR600
IBR600B
IBR600C

 

Please note the CBA850 and other products with no Wi-Fi are not affected.

Mitigation Steps: what actions do I take?

  1. If you do not use WiFi-as-WAN or Wi-Fi Client functionality, no action is necessary. However, we suggest you update to the 6.4.2 release when it is
  2. If you use WiFi-as-WAN or Wi-Fi Client functionality, ensure that your attached clients use VPN or HTTPS connections to encrypt their

Upgrading to New Firmware

At Cradlepoint, protecting your network is our first priority.

To upgrade your firmware:

  1. For instructions on upgrading firmware using NetCloud Manager, click here.
  2. For instructions on upgrading firmware using the Automatic Update capability in the router user interface, click here.
  3. If you want to download new firmware and manually update using the router user interface, click here.

 

For more information, contact your USAT Corp Representative by visiting here.

 

 

Share this Article..Email this to someoneShare on FacebookDigg thisTweet about this on TwitterShare on TumblrShare on StumbleUponShare on RedditPrint this pagePin on PinterestShare on LinkedInShare on Google+