cancel
Showing results for 
Search instead for 
Did you mean: 

Severe flaw in WPA2 - cracked

marko_teklic
New Contributor
153 REPLIES 153

I'm reading it the same way. From the infrastructure side, if you don't use 802.11r you aren't vulnerable/liable? The other parts are all on the client manufacturers?

Right from the first paragraph:
"Of the ten vulnerabilities, Meraki access points (AP) are only affected by one (CVE: 2017-13082)."

CVE: 2017-13082

802.11r Fast-BSS Transition(FT)

Access Points

Ruckus makes some great gear, but good god do they suck at communicating with their customers - both issues like this and general transparency.

jesse_johnston_
New Contributor III
From the white paper:
"Our key reinstallation attack also breaks the PeerKey, group key, and Fast BSS Transition (FT) handshake. The impact depends on the handshake being attacked, and the data-confidentiality protocol in use."

robert_lowe_722
Contributor III
No its more than that but maybe not effecting Meraki. For example it effects most Vendors who have Mesh functionality.
This Aruba Blogpost gives a good explanation: http://community.arubanetworks.com/t5/Technology-Blog/WPA2-Key-Reinstallation-Attacks/ba-p/310045