This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Ruckus Wireless
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Severe flaw in WPA2 - cracked

Anonymous
Not applicable

‎10-15-2017 11:27 PM

when can we expect to see update for this https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-tra...
153 REPLIES 153

Anonymous
Not applicable
In response to Anonymous

‎10-17-2017 07:11 AM

"Be professional ... If you have customers that rely on WPA only, then they deserve to be under attack."

Wow Jakob, do you work at Ruckus?

I appreciate they finally took the time to tell us not to worry about anything unless you use features that are turned off by default, or mesh networking . Thanks for assuming most costumers don't care as they would rarely deploy a mesh network, right?

https://www.ruckuswireless.com/rucktionary/mesh-networking-and-smartmesh
http://www.ruckussecurity.com/Smart-Mesh-Networking.asp
http://ruckus-www.s3.amazonaws.com/pdf/appnotes/bpg-wireless-mesh.pdf

You can't flaunt it and be proud of this as a value add, and then chastise customers for using it when there's a security issue you have no urgency to address.

charles_sprick1
New Contributor III
In response to Anonymous

‎10-17-2017 01:47 PM

That blog post ("the ruckus room") is embarrassing.  They don't even mention if they have a fix in the pipeline.  Telling their customers who use "mesh" to "turn it off" is stupid.  It's a feature, don't be surprised if people use it.
0 Kudos

charles_sprick1
New Contributor III
In response to Anonymous

‎10-17-2017 01:47 PM

That blog post ("the ruckus room") is embarrassing.  They don't even mention if they have a fix in the pipeline.  Telling their customers who use "mesh" to "turn it off" is stupid.  It's a feature, don't be surprised if people use it.
0 Kudos

Anonymous
Not applicable

‎10-17-2017 07:54 AM

Does anyone know how 7731 bridges are affected by this?
0 Kudos

michael_brado
Esteemed Contributor II
In response to Anonymous

‎10-17-2017 10:50 AM

For 7731, P300, and mesh deployments, there is noknown workaround for CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,CVE-2017-13080, and CVE-2017-13081.  However, because Ruckus products useCCMP for Mesh and bridging connectivity, exploitation of these vulnerabilities ismade significantly difficult, as per Section 6.1 of the KeyReinstallation Attacks: Forcing Nonce Reuse in WPA2 report.  
0 Kudos
Copyright © 2026 Khoros, LLC