Vulnerabilities in Wi-Fi Protected Access Could Allow for Information Disclosure

OVERVIEW

On October 16, 2017, a set of weaknesses in the Wi-Fi Protected Access (WPA and WPA2) protocols was publicly disclosed. The weaknesses lie in the handshakes that install encryption keys (the 4-way handshake, the group-key handshake and the 802.11r fast-transition handshake): an attacker within radio range who replays handshake messages can force an already-installed key to be reinstalled, which resets the per-frame packet counter used as the encryption nonce and causes keystream reuse. Multiple Cisco wireless products are affected; Cisco maintains the list in the advisory linked below. Successful exploitation could allow an attacker to decrypt Wi-Fi traffic, inject content, or hijack TCP connections to obtain sensitive information (e.g., financial data, passwords, email). The attacks do not recover the Wi-Fi passphrase, and traffic protected at a higher layer (TLS, VPN) is not directly exposed by them. The access gained can allow an attacker to perform additional attacks on the network and compromise the sensitive information of affected users.
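The following is an added example, not code from this advisory or from Cisco, showing why a reinstalled key leads to decryption. It models a client (supplicant) whose packet number is reset when message 3 of the 4-way handshake is replayed, so two frames are encrypted under the same key and nonce; the keystream is a toy HMAC-SHA256 counter construction standing in for AES-CTR, the key, frames and class names are constructed for illustration, and the "patched" variant simply refuses to reinstall a key that is already in use.

```python
import hashlib
import hmac


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy counter-mode keystream: HMAC-SHA256 over (nonce || block counter).

    Stands in for CCMP's AES-CTR keystream. The only property the attack
    needs is that the same key and nonce always yield the same bytes.
    """
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    # Truncates to the shorter input, like an attacker limited by known plaintext.
    return bytes(x ^ y for x, y in zip(a, b))


class VulnerableSupplicant:
    """Minimal model of a client's pairwise key state: the installed key plus
    the packet number (PN) that is incremented per frame and forms the nonce."""

    def __init__(self, ptk: bytes) -> None:
        self.ptk = None
        self.install_key(ptk)

    def install_key(self, ptk: bytes) -> None:
        # Runs when message 3 of the 4-way handshake is accepted. A vulnerable
        # implementation also accepts a retransmitted message 3 and runs this
        # again, resetting PN to zero for a key that is already in use.
        self.ptk = ptk
        self.pn = 0

    def encrypt(self, plaintext: bytes) -> tuple:
        self.pn += 1
        nonce = self.pn.to_bytes(6, "big")  # CCMP carries a 48-bit PN per frame
        return nonce, xor(plaintext, keystream(self.ptk, nonce, len(plaintext)))


class PatchedSupplicant(VulnerableSupplicant):
    def install_key(self, ptk: bytes) -> None:
        # The fix: a retransmitted message 3 carrying the key already in use
        # must not reset the packet counter.
        if self.ptk == ptk:
            return
        super().install_key(ptk)


def run_attack(supplicant_cls) -> dict:
    """Encrypt one frame, replay message 3, encrypt a second frame, and try to
    recover the second frame from the first using c1 XOR c2 == p1 XOR p2."""
    sta = supplicant_cls(ptk=b"constructed-session-key")
    known = b"GET /login HTTP/1.1\r\nHost: intranet\r\n\r\n"  # constructed; assumed known to attacker
    secret = b"user=alice&password=hunter2&submit=1"        # constructed; what the attacker wants

    nonce1, c1 = sta.encrypt(known)
    sta.install_key(sta.ptk)  # attacker replays message 3 with the same PTK
    nonce2, c2 = sta.encrypt(secret)

    recovered = xor(xor(c1, c2), known)
    return {
        "nonce_reused": nonce1 == nonce2,
        "recovered": recovered,
        "secret": secret[: len(recovered)],
    }


if __name__ == "__main__":
    for cls in (VulnerableSupplicant, PatchedSupplicant):
        result = run_attack(cls)
        print(cls.__name__, "nonce reused:", result["nonce_reused"],
              "secret recovered:", result["recovered"] == result["secret"])
```

Against the vulnerable model the second frame is recovered byte for byte wherever the attacker knows the first; against the patched model the nonces differ and the XOR yields noise. Real CCMP nonces also include the sender address and priority, which does not change the outcome because those are identical for both frames.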

 

AFFECTED PRODUCTS

Cisco is investigating its product line to determine which products are affected by these vulnerabilities. As the investigation progresses, Cisco will update its advisory with information about affected products, including the Cisco bug ID for each affected product. The current list is maintained at: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa

 

PRODUCTS CONFIRMED NOT VULNERABLE

Cisco has confirmed that these vulnerabilities do not affect the following products:

Voice and Unified Communications Devices

  • Cisco Unified IP Phone 9971
  • Cisco Unified Wireless IP Phone 7925/7926

Wireless

  • Cisco Aironet Access Points running Cisco IOS Software – client/supplicant/workgroup bridge mode
  • Cisco Wireless LAN Controller – controller itself

 

RECOMMENDATIONS

TEC recommends the following actions be taken:

  • Apply appropriate updates as soon as possible, to client devices as well as access points and controllers, since the 4-way handshake attack targets the client side
  • Apply the Principle of Least Privilege to all systems and services, so that credentials captured from decrypted traffic grant an attacker as little additional access as possible
  • Employ procedures to detect and remove rogue access points, including an attacker-controlled copy of a legitimate access point broadcast on a different channel
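As an added example (not part of this advisory or of any Cisco product), the check below runs over a constructed beacon survey and a constructed inventory of authorized access points. It flags two patterns a wireless IDS would look for: an unknown BSSID advertising a corporate SSID (evil twin), and a known BSSID seen on a channel other than its assigned one or on two channels at once, which is how the channel-based man-in-the-middle used by these attacks positions itself. The BSSIDs, SSIDs, channels and finding labels are assumptions chosen for the example.

```python
from collections import defaultdict, namedtuple

Beacon = namedtuple("Beacon", "bssid ssid channel")

# Constructed inventory of authorized access points: BSSID -> (SSID, assigned channel).
AUTHORIZED = {
    "00:11:22:33:44:01": ("CorpWiFi", 36),
    "00:11:22:33:44:02": ("CorpWiFi", 1),
}

# Constructed beacon survey, as a sensor or periodic scan might report it.
OBSERVED = [
    Beacon("00:11:22:33:44:01", "CorpWiFi", 36),   # legitimate
    Beacon("00:11:22:33:44:02", "CorpWiFi", 1),    # legitimate
    Beacon("00:11:22:33:44:01", "CorpWiFi", 11),   # our BSSID cloned on another channel
    Beacon("de:ad:be:ef:00:01", "CorpWiFi", 6),    # unknown BSSID using our SSID
    Beacon("aa:bb:cc:dd:ee:ff", "CoffeeShop", 6),  # unrelated neighbour, ignored
]


def classify_beacons(observed, authorized):
    """Compare each beacon with the inventory and return (finding, beacon) pairs."""
    corporate_ssids = {ssid for ssid, _ in authorized.values()}
    findings = []
    for b in observed:
        if b.bssid in authorized:
            expected_ssid, expected_channel = authorized[b.bssid]
            if b.channel != expected_channel:
                # Same MAC as a real AP but on the wrong channel: the attacker
                # clones the AP's BSSID on another channel to relay frames.
                findings.append(("CLONED_BSSID_OFF_CHANNEL", b))
            elif b.ssid != expected_ssid:
                findings.append(("SSID_MISMATCH", b))
        elif b.ssid in corporate_ssids:
            # Our network name from a radio we do not own.
            findings.append(("EVIL_TWIN", b))
    return findings


def bssids_on_multiple_channels(observed):
    """Inventory-free check: a BSSID that is beaconing on more than one channel
    in the same survey is being cloned, whatever the inventory says."""
    channels = defaultdict(set)
    for b in observed:
        channels[b.bssid].add(b.channel)
    return {bssid: chans for bssid, chans in channels.items() if len(chans) > 1}


if __name__ == "__main__":
    for finding, beacon in classify_beacons(OBSERVED, AUTHORIZED):
        print(f"{finding:26} {beacon.bssid} '{beacon.ssid}' ch{beacon.channel}")
    print("cloned:", bssids_on_multiple_channels(OBSERVED))
```

Access points under dynamic channel assignment (DFS events, controller radio resource management) change channels legitimately, so the expected channel should be taken from the controller's current assignment rather than a static inventory, or the off-channel finding will generate false positives; a BSSID present on two channels in the same survey is the stronger signal.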

A more detailed description of this attack and updates can be found here: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa