Cambium Networks Security Advisory
CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,
CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,
CVE-2017-13084, CVE-2017-13086, CVE-2017-13087,
CVE-2017-13088
Date: 16 October 2017
Last Update: 20 November 2017
Summary
The research paper "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2" (Mathy Vanhoef and Frank Piessens, KU Leuven) was made publicly available on 16 October 2017. It describes multiple vulnerabilities in the WPA2 handshakes (the four-way handshake, the group-key handshake and the 802.11r Fast BSS Transition handshake): by retransmitting a handshake message, an attacker in radio range forces the victim to reinstall a key that is already in use, which resets the packet number (nonce) and the replay counter, so the same keystream is reused for new frames.
Multiple Cambium Products are affected by these vulnerabilities.
An attacker within radio range can potentially decrypt and replay data packets. The attack only breaks the link-layer encryption, so end-to-end protection such as HTTPS (TLS) or a VPN for sensitive traffic limits the impact on most end users.
The network key (passphrase/PMK) is not revealed by this attack, so the attacker does not gain the ability to associate foreign devices to the network. The attacker will not gain the ability to connect unauthorized SMs to an ePMP network. Similarly, an attacker will not be able to associate unauthorized wireless clients to Wi-Fi networks.
Short attack description:
- Attacker can decrypt packets sent by the device whose key was reinstalled (the client in the four-way handshake case, the AP in the 802.11r FT handshake case).
- Attacker can replay broadcast and multicast frames to the client (group-key handshake).
- Attacker can both decrypt and inject arbitrary packets, because nonce reuse also leaks the integrity key. (TKIP or GCMP ONLY)
- Attacker can force the client into using a predictable all-zero encryption key. (ANDROID 6.0+ and LINUX clients with affected wpa_supplicant versions)
- Attacker cannot recover the WPA2 passphrase or the pairwise master key.
- Attacker cannot inject (forge) packets; only decryption and replay are possible. (AES-CCMP ONLY)
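The following Go program is an added illustration of the two effects listed above, written for this page; it is not code from Cambium, from the paper, or from any device firmware. It models the confidentiality half of AES-CCMP as AES-CTR keyed with the pairwise temporal key and shows why a reinstalled key with a reset packet number lets an attacker recover a frame from a known earlier frame without ever learning the key, and why a reset replay counter makes a previously captured frame pass the replay check a second time. The counter-block layout (zeros followed by the 64-bit packet number), the key bytes and the two frames are constructed assumptions of the example; real CCMP also mixes flags, priority and the transmitter address into the nonce and adds a CBC-MAC, which is why forgery still fails under CCMP.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// Constructed sample data for the demonstration; none of it comes from a real
// Cambium device or capture.
var (
	// 128-bit pairwise temporal key (TK), the key a key reinstallation causes
	// the victim to install a second time.
	TK = []byte("0123456789abcdef")
	// Two plaintext frames the victim sends after the first and the second
	// (forced) installation of the same key.
	Frame1 = []byte("GET /login HTTP/1.1\r\nHost: intranet\r\n\r\n")
	Frame2 = []byte("POST /login user=admin&pw=hunter2\r\n")
)

// EncryptCTR models the confidentiality half of CCMP: AES-CTR keyed with TK,
// where the counter block is derived from the per-frame packet number (PN).
// Simplification (assumption of this example): the block is zeros || PN; real
// CCMP also mixes flags, QoS priority and the transmitter address into it.
func EncryptCTR(tk []byte, pn uint64, plaintext []byte) []byte {
	block, err := aes.NewCipher(tk)
	if err != nil {
		panic(err)
	}
	ctr := make([]byte, aes.BlockSize)
	binary.BigEndian.PutUint64(ctr[8:], pn)
	out := make([]byte, len(plaintext))
	cipher.NewCTR(block, ctr).XORKeyStream(out, plaintext)
	return out
}

// RecoverWithKnownPlaintext exploits keystream reuse: if c1 and c2 were both
// produced with the same TK and PN, then c1 XOR p1 is the keystream, and
// XORing it into c2 yields p2 up to the shorter length. No key is learned.
func RecoverWithKnownPlaintext(c1, p1, c2 []byte) []byte {
	n := len(c2)
	if len(c1) < n {
		n = len(c1)
	}
	if len(p1) < n {
		n = len(p1)
	}
	p2 := make([]byte, n)
	for i := 0; i < n; i++ {
		p2[i] = c1[i] ^ p1[i] ^ c2[i]
	}
	return p2
}

// Receiver models the per-key replay check: a frame is accepted only if its PN
// is strictly greater than the last PN accepted under the current key.
type Receiver struct{ lastPN uint64 }

// Accept applies the replay check and advances the counter on success.
func (r *Receiver) Accept(pn uint64) bool {
	if pn <= r.lastPN {
		return false
	}
	r.lastPN = pn
	return true
}

// Reinstall models what a replayed handshake message does on a vulnerable
// station: the already-installed key is installed again and the replay counter
// restarts at zero, so frames captured earlier pass the check a second time.
func (r *Receiver) Reinstall() { r.lastPN = 0 }

func main() {
	// Victim sends Frame1 with PN=1, is forced to reinstall TK, and sends
	// Frame2 with PN=1 again: same key, same nonce, same keystream.
	c1 := EncryptCTR(TK, 1, Frame1)
	c2 := EncryptCTR(TK, 1, Frame2)
	fmt.Printf("recovered: %q\n", RecoverWithKnownPlaintext(c1, Frame1, c2))

	// Replay side: a multicast frame with PN=1 is accepted once, rejected as a
	// replay, then accepted again after the group key is reinstalled.
	r := &Receiver{}
	fmt.Println("first delivery:", r.Accept(1), "replay:", r.Accept(1))
	r.Reinstall()
	fmt.Println("replay after reinstall:", r.Accept(1))
}
```

The recovery step needs only a guess at part of one earlier frame (protocol headers are enough in practice), which is why the advisory's mitigation advice is end-to-end encryption rather than a stronger Wi-Fi passphrase: the passphrase is never exposed, but every byte encrypted under the reused nonce is.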
Affected Products
ePMP all models
cnPilot all models running in Mesh/Repeater mode, and cnPilot e-Series with 802.11r enabled
Fixed in Software
cnPilot e-Series 3.4.3.5 - Released 3 November 2017
cnPilot R-Series 4.3.5 - Estimated Release 20 November 2017
ePMP 3.5.1-RC10 - Released 15 November 2017
Mitigations
cnPilot e-Series is only vulnerable in Mesh client mode or with 802.11r (fast roaming) enabled.
cnPilot R-Series is only vulnerable in Repeater mode.
Temporarily disabling those modes until the fixed software is installed will mitigate the risk.
More information
"WPA2 KRACK Vulnerability" webinar