Netgear/Support - Security Advisory for WPA-2 Vulnerabilities

Vulnerability Note VU#228519

 * CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
 * CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
 * CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
 * CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
 * CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
 * CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
 * CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
 * CVE-2017-13086: Reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
 * CVE-2017-13087: Reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
 * CVE-2017-13088: Reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.

Security Advisory for WPA-2 Vulnerabilities
Associated CVE IDs:
 * CVE-2017-13077
 * CVE-2017-13078
 * CVE-2017-13079
 * CVE-2017-13080
 * CVE-2017-13081
 * CVE-2017-13082

These WPA-2 vulnerabilities affect the following products:

Orbi WiFi Systems:
 * Netgear Orbi Satellite (RBS50) running firmware version 2.0.0.74 or earlier
 * Netgear Orbi Satellite (RBS40) running firmware version 2.0.0.56 or earlier
 * Netgear Orbi Wall Plug Satellite (RBW30) running firmware version 2.0.0.34 or earlier

WiFi Adapters:
 * Netgear A6100 running firmware version 1.0.0.32 or earlier
 * Netgear A6210 running firmware version 1.0.0.36 or earlier
 * Netgear A7000 running firmware version 1.0.0.11 or earlier
 * Netgear WNA3100M running firmware version 1.2.0.7 or earlier
 * Netgear WNDA3100v3 running firmware version 1.0.0.10 or earlier

Routers and Gateways (when used in bridge mode):
 * Netgear JR6150 running firmware version 1.0.1.10 or earlier
 * Netgear R6020 running firmware version 1.0.0.18 or earlier
 * Netgear R6050 running firmware version 1.0.1.10 or earlier
 * Netgear R6080 running firmware version 1.0.0.18 or earlier
 * Netgear R6100 running firmware version 1.0.1.16 or earlier
 * Netgear R6120 running firmware version 1.0.0.30 or earlier
 * Netgear R6220 running firmware version 1.1.0.50 or earlier
 * Netgear R6250 running firmware version 1.0.4.14 or earlier
 * Netgear R6700v2 running firmware version 1.1.0.42 or earlier
 * Netgear R6800 running firmware version 1.1.0.42 or earlier
 * Netgear R7000 running firmware version 1.0.9.12 or earlier
 * Netgear R7500 running firmware version 1.0.0.110 or earlier
 * Netgear R7500v2 running firmware version 1.0.3.16 or earlier
 * Netgear R7800 running firmware version 1.0.2.36 or earlier
 * Netgear R8300 running firmware version 1.0.2.106 or earlier
 * Netgear R8500 running firmware version 1.0.2.106 or earlier
 * Netgear R9000 running firmware version 1.0.2.40 or earlier

WiFi Range Extenders:
 * Netgear EX2700 running firmware version 1.0.1.20 or earlier
 * Netgear EX3700 running firmware version 1.0.0.62 or earlier
 * Netgear EX3800 running firmware version 1.0.0.62 or earlier
 * Netgear EX6000 running firmware version 1.0.0.20_1.0.11 or earlier
 * Netgear EX6100v1 running firmware version 1.0.2.16_1.1.130 or earlier
 * Netgear EX6100v2 running firmware version 1.0.1.50 or earlier
 * Netgear EX6120 running firmware version 1.0.0.30_1.0.20 or earlier
 * Netgear EX6130 running firmware version 1.0.0.16 or earlier
 * Netgear EX6150v1 running firmware version 1.0.0.32_1.0.68 or earlier
 * Netgear EX6150v2 running firmware version 1.0.1.50 or earlier
 * Netgear EX6200v1 running firmware version 1.0.3.76_1.1.111 or earlier
 * Netgear EX6200v2 running firmware version 1.0.1.50 or earlier
 * Netgear EX6400 running firmware version 1.0.1.60 or earlier
 * Netgear EX7000 running firmware version 1.0.0.50_1.0.101 or earlier
 * Netgear EX7300 running firmware version 1.0.1.60 or earlier
 * Netgear WN2000RPTv3 running firmware version 1.0.1.4 or earlier
 * Netgear WN3000RPv3 running firmware version 1.0.2.32 or earlier
 * Netgear WN3100RPv2 running firmware version 1.0.0.22 or earlier

Mobile Hotspots:
 * Netgear AC810
 * Netgear AC815
 * Netgear Nighthawk M1 (MR1100) - Support page

Arlo Cameras:
 * Netgear ABC1000
 * Netgear VMC3040
 * Netgear VMC3040S

Wireless Access Points:
 * Netgear WAC104 running firmware versions prior to 1.0.4.9
 * Netgear WAC120 running firmware versions prior to 2.1.5
 * Netgear WAC505 running firmware versions prior to 1.5.3.7
 * Netgear WAC510 running firmware versions prior to 1.5.3.7
 * Netgear WAC720 running firmware versions prior to 3.7.12.0
 * Netgear WAC730 running firmware versions prior to 3.7.12.0
 * Netgear WN604 running firmware versions prior to 3.3.8
 * Netgear WNAP210v2 running firmware versions prior to 3.7.7.0
 * Netgear WNAP320 running firmware versions prior to 3.7.7.0
 * Netgear WND930 running firmware versions prior to 2.1.3
 * Netgear WNDAP350 running firmware versions prior to 3.7.7.0
 * Netgear WNDAP360 running firmware versions prior to 3.7.7.0
 * Netgear WNDAP620 running firmware versions prior to 2.1.4
 * Netgear WNDAP660 running firmware versions prior to 3.7.7.0

Firmware fixes are currently available for the following affected products:

Wireless Access Points:
 * Netgear WAC120 - Firmware Version 2.1.5
 * Netgear WAC505 - Firmware Version 1.5.3.7
 * Netgear WAC510 - Firmware Version 1.5.3.7
 * Netgear WAC720 - Firmware Version 3.7.12.0
 * Netgear WAC730 - Firmware Version 3.7.12.0
 * Netgear WN604 - Firmware Version 3.3.8
 * Netgear WNAP210v2 - Firmware Version 3.7.7.0
 * Netgear WNAP320 - Firmware Version 3.7.7.0
 * Netgear WND930 - Firmware Version 2.1.3
 * Netgear WNDAP350 - Firmware Version 3.7.7.0
 * Netgear WNDAP360 - Firmware Version 3.7.7.0
 * Netgear WNDAP620 - Firmware Version 2.1.4
 * Netgear WNDAP660 - Firmware Version 3.7.7.0