Netgear/Support - Security Advisory for WPA-2 Vulnerabilities
< Netgear
Jump to navigation
Jump to search
Vulnerability Note VU#228519
- CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
- CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
- CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
- CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
- CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
- CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request
- and reinstalling the pairwise encryption key (PTK-TK) while processing it.
- CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
- CVE-2017-13086: Reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key
- in the TDLS handshake.
- CVE-2017-13087: Reinstallation of the group key (GTK) when processing a Wireless Network
- Management (WNM) Sleep Mode Response frame.
- CVE-2017-13088: Reinstallation of the integrity group key (IGTK) when processing a Wireless
- Network Management (WNM) Sleep Mode Response frame.
Security Advisory for WPA-2 Vulnerabilities
Associated CVE IDs:
- CVE-2017-13077
- CVE-2017-13078
- CVE-2017-13079
- CVE-2017-13080
- CVE-2017-13081
- CVE-2017-13082
These WPA-2 vulnerabilities affect the following products:
- Orbi WiFi Systems:
- Netgear Orbi Satellite (RBS50) running firmware version 2.0.0.74 or earlier
- Netgear Orbi Satellite (RBS40) running firmware version 2.0.0.56 or earlier
- Netgear Orbi Wall Plug Satellite (RBW30) running firmware version 2.0.0.34 or earlier
- WiFi Adapters:
- Netgear A6100 running firmware version 1.0.0.32 or earlier
- Netgear A6210 running firmware version 1.0.0.36 or earlier
- Netgear A7000 running firmware version 1.0.0.11 or earlier
- Netgear WNA3100M running firmware version 1.2.0.7 or earlier
- Netgear WNDA3100v3 running firmware version 1.0.0.10 or earlier
- Routers and Gateways (when used in bridge mode):
- Netgear JR6150 running firmware version 1.0.1.10 or earlier
- Netgear R6020 running firmware version 1.0.0.18 or earlier
- Netgear R6050 running firmware version 1.0.1.10 or earlier
- Netgear R6080 running firmware version 1.0.0.18 or earlier
- Netgear R6100 running firmware version 1.0.1.16 or earlier
- Netgear R6120 running firmware version 1.0.0.30 or earlier
- Netgear R6220 running firmware version 1.1.0.50 or earlier
- Netgear R6250 running firmware version 1.0.4.14 or earlier
- Netgear R6700v2 running firmware version 1.1.0.42 or earlier
- Netgear R6800 running firmware version 1.1.0.42 or earlier
- Netgear R7000 running firmware version 1.0.9.12 or earlier
- Netgear R7500 running firmware version 1.0.0.110 or earlier
- Netgear R7500v2 running firmware version 1.0.3.16 or earlier
- Netgear R7800 running firmware version 1.0.2.36 or earlier
- Netgear R8300 running firmware version 1.0.2.106 or earlier
- Netgear R8500 running firmware version 1.0.2.106 or earlier
- Netgear R9000 running firmware version 1.0.2.40 or earlier
- WiFi Range Extenders:
- Netgear EX2700 running firmware version 1.0.1.20 or earlier
- Netgear EX3700 running firmware version 1.0.0.62 or earlier
- Netgear EX3800 running firmware version 1.0.0.62 or earlier
- Netgear EX6000 running firmware version 1.0.0.20_1.0.11 or earlier
- Netgear EX6100v1 running firmware version 1.0.2.16_1.1.130 or earlier
- Netgear EX6100v2 running firmware version 1.0.1.50 or earlier
- Netgear EX6120 running firmware version 1.0.0.30_1.0.20 or earlier
- Netgear EX6130 running firmware version 1.0.0.16 or earlier
- Netgear EX6150v1 running firmware version 1.0.0.32_1.0.68 or earlier
- Netgear EX6150v2 running firmware version 1.0.1.50 or earlier
- Netgear EX6200v1 running firmware version 1.0.3.76_1.1.111 or earlier
- Netgear EX6200v2 running firmware version 1.0.1.50 or earlier
- Netgear EX6400 running firmware version 1.0.1.60 or earlier
- Netgear EX7000 running firmware version 1.0.0.50_1.0.101 or earlier
- Netgear EX7300 running firmware version 1.0.1.60 or earlier
- Netgear WN2000RPTv3 running firmware version 1.0.1.4 or earlier
- Netgear WN3000RPv3 running firmware version 1.0.2.32 or earlier
- Netgear WN3100RPv2 running firmware version 1.0.0.22 or earlier
- Mobile Hotspots:
- Arlo Cameras:
- Netgear ABC1000
- Netgear VMC3040
- Netgear VMC3040S
- Wireless Access Points:
- Netgear WAC104 running firmware versions prior to 1.0.4.9
- Netgear WAC120 running firmware versions prior to 2.1.5
- Netgear WAC505 running firmware versions prior to 1.5.3.7
- Netgear WAC510 running firmware versions prior to 1.5.3.7
- Netgear WAC720 running firmware versions prior to 3.7.12.0
- Netgear WAC730 running firmware versions prior to 3.7.12.0
- Netgear WN604 running firmware versions prior to 3.3.8
- Netgear WNAP210v2 running firmware versions prior to 3.7.7.0
- Netgear WNAP320 running firmware versions prior to 3.7.7.0
- Netgear WND930 running firmware versions prior to 2.1.3
- Netgear WNDAP350 running firmware versions prior to 3.7.7.0
- Netgear WNDAP360 running firmware versions prior to 3.7.7.0
- Netgear WNDAP620 running firmware versions prior to 2.1.4
- Netgear WNDAP660 running firmware versions prior to 3.7.7.0
Firmware fixes are currently available for the following affected products:
- Wireless Access Points:
- Netgear WAC120 - Firmware Version 2.1.5
- Netgear WAC505 - Firmware Version 1.5.3.7
- Netgear WAC510 - Firmware Version 1.5.3.7
- Netgear WAC720 - Firmware Version 3.7.12.0
- Netgear WAC730 - Firmware Version 3.7.12.0
- Netgear WN604 - Firmware Version 3.3.8
- Netgear WNAP210v2 - Firmware Version 3.7.7.0
- Netgear WNAP320 - Firmware Version 3.7.7.0
- Netgear WND930 - Firmware Version 2.1.3
- Netgear WNDAP350 - Firmware Version 3.7.7.0
- Netgear WNDAP360 - Firmware Version 3.7.7.0
- Netgear WNDAP620 - Firmware Version 2.1.4
- Netgear WNDAP660 - Firmware Version 3.7.7.0