CVE-2017-13086 (GCVE-0-2017-13086)
Vulnerability from cvelistv5 – Published: 2017-10-17 13:00 – Updated: 2024-08-05 18:58
CWE-323 - Reusing a Nonce, Key Pair in Encryption
| Vendor | Product | Version | |
|---|---|---|---|
| Wi-Fi Alliance | Wi-Fi Protected Access (WPA and WPA2) | Affected: WPA; Affected: WPA2 | |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Wi-Fi Protected Access (WPA and WPA2)",
"vendor": "Wi-Fi Alliance",
"versions": [
{
"status": "affected",
"version": "WPA"
},
{
"status": "affected",
"version": "WPA2"
}
]
}
],
"datePublic": "2017-10-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-323",
"description": "CWE-323: Reusing a Nonce, Key Pair in Encryption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-16T13:57:02.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "1039581",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "DSA-3999",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039578"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039577"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"tags": [
"vendor-advisory",
"x_refsource_FREEBSD"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "1039576",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13086",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Wi-Fi Protected Access (WPA and WPA2)",
"version": {
"version_data": [
{
"version_value": "WPA"
},
{
"version_value": "WPA2"
}
]
}
}
]
},
"vendor_name": "Wi-Fi Alliance"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039581",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039581"
},
{
"name": "101274",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101274"
},
{
"name": "DSA-3999",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3999"
},
{
"name": "1039578",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039578"
},
{
"name": "https://access.redhat.com/security/vulnerabilities/kracks",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/vulnerabilities/kracks"
},
{
"name": "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"name": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
"refsource": "MISC",
"url": "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt"
},
{
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
"refsource": "CONFIRM",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt"
},
{
"name": "1039577",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039577"
},
{
"name": "https://source.android.com/security/bulletin/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-11-01"
},
{
"name": "GLSA-201711-03",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201711-03"
},
{
"name": "RHSA-2017:2907",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-17420",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-17420"
},
{
"name": "FreeBSD-SA-17:07",
"refsource": "FREEBSD",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc"
},
{
"name": "https://www.krackattacks.com/",
"refsource": "MISC",
"url": "https://www.krackattacks.com/"
},
{
"name": "1039573",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039573"
},
{
"name": "1039576",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039576"
},
{
"name": "VU#228519",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/228519"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2017-005",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2017-005"
},
{
"name": "USN-3455-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-3455-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13086",
"datePublished": "2017-10-17T13:00:00.000Z",
"dateReserved": "2017-08-22T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:58:12.219Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2017-13086",
"date": "2026-05-29",
"epss": "0.00994",
"percentile": "0.77219"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-13086\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2017-10-17T13:29:00.553\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.\"},{\"lang\":\"es\",\"value\":\"Wi-Fi Protected Access (WPA y WPA2) permite la reinstalaci\u00f3n de la clave TPK (Peer Key) TDLS (Tunneled Direct-Link Setup) durante la negociaci\u00f3n TDLS, haciendo que un atacante que se sit\u00fae dentro del radio reproduzca, descifre o suplante frames.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":5.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":5.4,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":5.5,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cret@cert.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"
en\",\"value\":\"CWE-323\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-330\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"588D4F37-0A56-47A4-B710-4D5F3D214FB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9EC02F3-3905-460D-8949-3B26394215CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4195DB45-CF5A-4FA6-BF58-BAF77EE555C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD5B9266-A927-4F62-8742-721CE9A4C4C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"602D3280-2974-4809-BE70-1EA9437AEBF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:freebsd:freebsd:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5753931-556B-4EEC-B510-751BA3613CE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EA337A3-B9A3-4962-B8BD-8E0C7C5B28EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"},{\"vulnerable
\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2095C863-1FB0-4016-81FF-3CAB44E77FD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC7AAFCB-AB64-4B39-87AA-936E386A82C2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6454F0F-6CC1-4EA2-8D7C-51709FD7F318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFCB5512-B60E-48D7-B136-ADF19E5E74BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EB1420D-5D05-4BFC-8AF7-2AB00B76148B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"21324D89-B634-4D6B-987B-4AD29079373D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AB43314-8725-48A0-8902-864567808AD7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2AA3D0E-C483-4575-8209-DE643A3FEC7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0DE22EA-D5FA-4477-A3AD-F10455D8DB9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1212B910-E4A5-47A1-A263-4E1C13CF3EFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9A6A99E-5129-4E8D-A0AF-61755BDA3565\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC42F782-63CB-4960-BF65-4856776CFBE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"212B0353-4AEF-4861-A054-6193CAA05390\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:
a:w1.fi:hostapd:0.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E702507-5BA0-4A12-80C6-A729F32A6A80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24810936-DABC-485D-B952-22F16C3016FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AF46881-4484-4ABB-AC0C-152664E2CD6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"880CBDD7-BFEC-48F6-8C4C-D300143B6571\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B29CCA41-5784-48C3-B9ED-6B1FF063FB1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37B9643D-4046-4034-8B68-18F59154CD66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.5.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"681C458F-D1BD-48DA-86C7-BA714F5AA9B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4057F722-1A8E-4D75-B049-E3632AC8EF65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1F53FDB-7136-444E-AB03-9D8A6A31E249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63AB46C0-2F00-4805-84A9-323BA4E594DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:0.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06119A43-B1CA-4021-87D2-C67BE6125423\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"768D16AF-3A8B-47DD-A499-948A73062AE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BECC3EF-2777-4FF9-9750-93D1245A9247\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2D07095-6331-4079-BD86-E414CEE35624\"},{\"vulnerable\":true,\"criter
ia\":\"cpe:2.3:a:w1.fi:hostapd:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61CDB3D2-F6C3-43CF-ACE8-95E96DF02293\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CCD4904-08CA-45C7-A3D0-90BE5C88CDBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B4681FC-44F4-4E86-8431-8EDAD65492D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC6FB535-AFFF-4083-AF1D-9E1ED504158F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A74105F9-E729-47BA-A96F-4D15947B673A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:hostapd:2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F5F7411-0B32-4041-8235-2B1AEC186FF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9191D783-4390-4603-9C4D-F673270E63C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E36F3308-EABA-451F-90E1-65919450A809\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44F6680B-7015-4EB0-AABC-A4DD50894CD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CAFF5E3-EA27-4688-87AD-1648003D3D1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.2.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"081B4F7E-D7D0-452A-AAEB-0378EB6E7BC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E00A5B5-81D8-4BF3-B857-028D7D06CA5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"476C3ED0-B77C-490F-AF1E-BC4C7D52D818\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B1972B5-
F896-419C-9FFA-FB583B114B8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2E84533-EB76-4A8F-90ED-E9342EAF3427\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5AE0623-87CB-4CEF-BD3B-6BCF676031CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"905B55A4-2488-44D1-991F-C142C3527F18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDD1984D-BCC2-4FC6-B02E-226B1D8BC6F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90102D17-8D03-4F59-811B-FBFB98D627C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9381F69-1633-44DD-967F-D29587B67079\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9169BDAC-6207-4B6A-8EF3-D52DED1A9311\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FBCD6EA-4E6D-4C6E-97E5-B64F6CB90639\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62E17E03-53C6-4E74-91A8-4C4363666291\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4C6FEDE-B0E9-479A-9185-48D62DBC91FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"643762E2-969E-4531-B79E-961697E5DA8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.5.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"627AD871-2091-48E9-B801-3E3D5CF8E594\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BC691E5-6265-4FAB-9ACA-C65EB99AFA47\"},
{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4701BF31-B3FC-4590-9787-3BA94ECB8D54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DB96005-E214-4C60-865E-B693115527D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:0.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF264-2315-43CE-B2A6-4234B394854C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3EF53AD-F985-446E-89B8-4BFECE00AD63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A11DBFA-9F0E-4358-8541-E5371C11FE80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"738AEB08-FF7D-4DC3-AB14-B8F2B9474810\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E8C5523-16E4-417E-A159-F5D0F9E83C5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AE48919-35E0-4C9A-BAEB-A6402FA7BD4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB93C2FC-6913-448E-8B93-EEB2229EC86C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ECA3172-7088-4B5E-923D-37B155729BD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48FD6B1B-7555-449D-9CCB-1487FAEE8098\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:w1.fi:wpa_supplicant:2.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9726F4DE-8037-49AD-A092-7EF9D5BF99EC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:12:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"57CFAD92-EECD-417D
-ADDB-8178C320B204\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:12:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1DCD75C-9775-4922-8A44-C4707C640946\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_point_of_sale:11:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"086BF5C5-255C-4E2E-83D3-A8B83AED6B60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:ltss:*:*\",\"matchCriteriaId\":\"91F8AC0A-13B4-4DF0-B40D-8756ACCDB4C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"55C5561F-BE86-4EEA-99D4-8697F8BD9DFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"B2F3699A-38E4-4E9D-9414-411F71D9E371\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:openstack_cloud:6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07E4AF6E-9BA4-4542-8F9F-6BA723F7A64D\"}]}]}],\"references\":[{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2017/dsa-3999\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/228519\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/101274\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039573\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039576\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039577\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB 
Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039578\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039581\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3455-1\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2907\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/kracks\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf\",\"source\":\"cret@cert.org\"},{\"url\":\"https://cert.vde.com/en-us/advisories/vde-2017-005\",\"source\":\"cret@cert.org\"},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201711-03\",\"source\":\"cret@cert.org\"},{\"url\":\"https://source.android.com/security/bulletin/2017-11-01\",\"source\":\"cret@cert.org\"},{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-17420\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.krackattacks.com/\",\"source\":\"cret@cert.org\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party 
Advisory\"]},{\"url\":\"http://www.debian.org/security/2017/dsa-3999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/228519\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.securityfocus.com/bid/101274\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039573\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039576\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039577\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039578\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039581\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/USN-3455-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2907\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/vulnerabilities/kracks\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party 
Advisory\"]},{\"url\":\"https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://cert.vde.com/en-us/advisories/vde-2017-005\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201711-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://source.android.com/security/bulletin/2017-11-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-17420\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.krackattacks.com/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Technical Description\",\"Third Party Advisory\"]}]}}"
}
}
VDE-2017-005
Vulnerability from csaf_pepperlfuchsse - Published: 2017-12-11 13:26 - Updated: 2018-10-23 10:00
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
CK70A-ATEX vers:all/*
Vendor / Software / CK70A-ATEX
|
vers:all/* | ||
|
CK71A-ATEX vers:all/*
Vendor / Software / CK71A-ATEX
|
vers:all/* | ||
|
CN70A-ATEX vers:all/*
Vendor / Software / CN70A-ATEX
|
vers:all/* | ||
|
CN70E-ATEX vers:all/*
Vendor / Software / CN70E-ATEX
|
vers:all/* | ||
|
Ex-Handy 09 vers:all/*
Vendor / Software / Ex-Handy 09
|
vers:all/* | ||
|
Ex-Handy 209 vers:all/*
Vendor / Software / Ex-Handy 209
|
vers:all/* | ||
|
i.roc Ci70-Ex vers:all/*
Vendor / Software / i.roc Ci70-Ex
|
vers:all/* | ||
|
Pad-Ex 01 vers:all/*
Vendor / Software / Pad-Ex 01
|
vers:all/* | ||
|
Smart-Ex 01 vers:all/*
Vendor / Software / Smart-Ex 01
|
vers:all/* | ||
|
Smart-Ex 201 vers:all/*
Vendor / Software / Smart-Ex 201
|
vers:all/* | ||
|
Tab-Ex 01 vers:all/*
Vendor / Software / Tab-Ex 01
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
CK70A-ATEX vers:all/*
Vendor / Software / CK70A-ATEX
|
vers:all/* | ||
|
CK71A-ATEX vers:all/*
Vendor / Software / CK71A-ATEX
|
vers:all/* | ||
|
CN70A-ATEX vers:all/*
Vendor / Software / CN70A-ATEX
|
vers:all/* | ||
|
CN70E-ATEX vers:all/*
Vendor / Software / CN70E-ATEX
|
vers:all/* | ||
|
Ex-Handy 09 vers:all/*
Vendor / Software / Ex-Handy 09
|
vers:all/* | ||
|
Ex-Handy 209 vers:all/*
Vendor / Software / Ex-Handy 209
|
vers:all/* | ||
|
i.roc Ci70-Ex vers:all/*
Vendor / Software / i.roc Ci70-Ex
|
vers:all/* | ||
|
Pad-Ex 01 vers:all/*
Vendor / Software / Pad-Ex 01
|
vers:all/* | ||
|
Smart-Ex 01 vers:all/*
Vendor / Software / Smart-Ex 01
|
vers:all/* | ||
|
Smart-Ex 201 vers:all/*
Vendor / Software / Smart-Ex 201
|
vers:all/* | ||
|
Tab-Ex 01 vers:all/*
Vendor / Software / Tab-Ex 01
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
CK70A-ATEX vers:all/*
Vendor / Software / CK70A-ATEX
|
vers:all/* | ||
|
CK71A-ATEX vers:all/*
Vendor / Software / CK71A-ATEX
|
vers:all/* | ||
|
CN70A-ATEX vers:all/*
Vendor / Software / CN70A-ATEX
|
vers:all/* | ||
|
CN70E-ATEX vers:all/*
Vendor / Software / CN70E-ATEX
|
vers:all/* | ||
|
Ex-Handy 09 vers:all/*
Vendor / Software / Ex-Handy 09
|
vers:all/* | ||
|
Ex-Handy 209 vers:all/*
Vendor / Software / Ex-Handy 209
|
vers:all/* | ||
|
i.roc Ci70-Ex vers:all/*
Vendor / Software / i.roc Ci70-Ex
|
vers:all/* | ||
|
Pad-Ex 01 vers:all/*
Vendor / Software / Pad-Ex 01
|
vers:all/* | ||
|
Smart-Ex 01 vers:all/*
Vendor / Software / Smart-Ex 01
|
vers:all/* | ||
|
Smart-Ex 201 vers:all/*
Vendor / Software / Smart-Ex 201
|
vers:all/* | ||
|
Tab-Ex 01 vers:all/*
Vendor / Software / Tab-Ex 01
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
CK70A-ATEX vers:all/*
Vendor / Software / CK70A-ATEX
|
vers:all/* | ||
|
CK71A-ATEX vers:all/*
Vendor / Software / CK71A-ATEX
|
vers:all/* | ||
|
CN70A-ATEX vers:all/*
Vendor / Software / CN70A-ATEX
|
vers:all/* | ||
|
CN70E-ATEX vers:all/*
Vendor / Software / CN70E-ATEX
|
vers:all/* | ||
|
Ex-Handy 09 vers:all/*
Vendor / Software / Ex-Handy 09
|
vers:all/* | ||
|
Ex-Handy 209 vers:all/*
Vendor / Software / Ex-Handy 209
|
vers:all/* | ||
|
i.roc Ci70-Ex vers:all/*
Vendor / Software / i.roc Ci70-Ex
|
vers:all/* | ||
|
Pad-Ex 01 vers:all/*
Vendor / Software / Pad-Ex 01
|
vers:all/* | ||
|
Smart-Ex 01 vers:all/*
Vendor / Software / Smart-Ex 01
|
vers:all/* | ||
|
Smart-Ex 201 vers:all/*
Vendor / Software / Smart-Ex 201
|
vers:all/* | ||
|
Tab-Ex 01 vers:all/*
Vendor / Software / Tab-Ex 01
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
CK70A-ATEX vers:all/*
Vendor / Software / CK70A-ATEX
|
vers:all/* | ||
|
CK71A-ATEX vers:all/*
Vendor / Software / CK71A-ATEX
|
vers:all/* | ||
|
CN70A-ATEX vers:all/*
Vendor / Software / CN70A-ATEX
|
vers:all/* | ||
|
CN70E-ATEX vers:all/*
Vendor / Software / CN70E-ATEX
|
vers:all/* | ||
|
Ex-Handy 09 vers:all/*
Vendor / Software / Ex-Handy 09
|
vers:all/* | ||
|
Ex-Handy 209 vers:all/*
Vendor / Software / Ex-Handy 209
|
vers:all/* | ||
|
i.roc Ci70-Ex vers:all/*
Vendor / Software / i.roc Ci70-Ex
|
vers:all/* | ||
|
Pad-Ex 01 vers:all/*
Vendor / Software / Pad-Ex 01
|
vers:all/* | ||
|
Smart-Ex 01 vers:all/*
Vendor / Software / Smart-Ex 01
|
vers:all/* | ||
|
Smart-Ex 201 vers:all/*
Vendor / Software / Smart-Ex 201
|
vers:all/* | ||
|
Tab-Ex 01 vers:all/*
Vendor / Software / Tab-Ex 01
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transition (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
CK70A-ATEX vers:all/*
Vendor / Software / CK70A-ATEX
|
vers:all/* | ||
|
CK71A-ATEX vers:all/*
Vendor / Software / CK71A-ATEX
|
vers:all/* | ||
|
CN70A-ATEX vers:all/*
Vendor / Software / CN70A-ATEX
|
vers:all/* | ||
|
CN70E-ATEX vers:all/*
Vendor / Software / CN70E-ATEX
|
vers:all/* | ||
|
Ex-Handy 09 vers:all/*
Vendor / Software / Ex-Handy 09
|
vers:all/* | ||
|
Ex-Handy 209 vers:all/*
Vendor / Software / Ex-Handy 209
|
vers:all/* | ||
|
i.roc Ci70-Ex vers:all/*
Vendor / Software / i.roc Ci70-Ex
|
vers:all/* | ||
|
Pad-Ex 01 vers:all/*
Vendor / Software / Pad-Ex 01
|
vers:all/* | ||
|
Smart-Ex 01 vers:all/*
Vendor / Software / Smart-Ex 01
|
vers:all/* | ||
|
Smart-Ex 201 vers:all/*
Vendor / Software / Smart-Ex 201
|
vers:all/* | ||
|
Tab-Ex 01 vers:all/*
Vendor / Software / Tab-Ex 01
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
CK70A-ATEX vers:all/*
Vendor / Software / CK70A-ATEX
|
vers:all/* | ||
|
CK71A-ATEX vers:all/*
Vendor / Software / CK71A-ATEX
|
vers:all/* | ||
|
CN70A-ATEX vers:all/*
Vendor / Software / CN70A-ATEX
|
vers:all/* | ||
|
CN70E-ATEX vers:all/*
Vendor / Software / CN70E-ATEX
|
vers:all/* | ||
|
Ex-Handy 09 vers:all/*
Vendor / Software / Ex-Handy 09
|
vers:all/* | ||
|
Ex-Handy 209 vers:all/*
Vendor / Software / Ex-Handy 209
|
vers:all/* | ||
|
i.roc Ci70-Ex vers:all/*
Vendor / Software / i.roc Ci70-Ex
|
vers:all/* | ||
|
Pad-Ex 01 vers:all/*
Vendor / Software / Pad-Ex 01
|
vers:all/* | ||
|
Smart-Ex 01 vers:all/*
Vendor / Software / Smart-Ex 01
|
vers:all/* | ||
|
Smart-Ex 201 vers:all/*
Vendor / Software / Smart-Ex 201
|
vers:all/* | ||
|
Tab-Ex 01 vers:all/*
Vendor / Software / Tab-Ex 01
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) that supports 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
CK70A-ATEX vers:all/*
Vendor / Software / CK70A-ATEX
|
vers:all/* | ||
|
CK71A-ATEX vers:all/*
Vendor / Software / CK71A-ATEX
|
vers:all/* | ||
|
CN70A-ATEX vers:all/*
Vendor / Software / CN70A-ATEX
|
vers:all/* | ||
|
CN70E-ATEX vers:all/*
Vendor / Software / CN70E-ATEX
|
vers:all/* | ||
|
Ex-Handy 09 vers:all/*
Vendor / Software / Ex-Handy 09
|
vers:all/* | ||
|
Ex-Handy 209 vers:all/*
Vendor / Software / Ex-Handy 209
|
vers:all/* | ||
|
i.roc Ci70-Ex vers:all/*
Vendor / Software / i.roc Ci70-Ex
|
vers:all/* | ||
|
Pad-Ex 01 vers:all/*
Vendor / Software / Pad-Ex 01
|
vers:all/* | ||
|
Smart-Ex 01 vers:all/*
Vendor / Software / Smart-Ex 01
|
vers:all/* | ||
|
Smart-Ex 201 vers:all/*
Vendor / Software / Smart-Ex 201
|
vers:all/* | ||
|
Tab-Ex 01 vers:all/*
Vendor / Software / Tab-Ex 01
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) that supports 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
CK70A-ATEX vers:all/*
Vendor / Software / CK70A-ATEX
|
vers:all/* | ||
|
CK71A-ATEX vers:all/*
Vendor / Software / CK71A-ATEX
|
vers:all/* | ||
|
CN70A-ATEX vers:all/*
Vendor / Software / CN70A-ATEX
|
vers:all/* | ||
|
CN70E-ATEX vers:all/*
Vendor / Software / CN70E-ATEX
|
vers:all/* | ||
|
Ex-Handy 09 vers:all/*
Vendor / Software / Ex-Handy 09
|
vers:all/* | ||
|
Ex-Handy 209 vers:all/*
Vendor / Software / Ex-Handy 209
|
vers:all/* | ||
|
i.roc Ci70-Ex vers:all/*
Vendor / Software / i.roc Ci70-Ex
|
vers:all/* | ||
|
Pad-Ex 01 vers:all/*
Vendor / Software / Pad-Ex 01
|
vers:all/* | ||
|
Smart-Ex 01 vers:all/*
Vendor / Software / Smart-Ex 01
|
vers:all/* | ||
|
Smart-Ex 201 vers:all/*
Vendor / Software / Smart-Ex 201
|
vers:all/* | ||
|
Tab-Ex 01 vers:all/*
Vendor / Software / Tab-Ex 01
|
vers:all/* |
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"names": [
"Mathy Vanhoef"
],
"organization": "imec-DistriNet",
"summary": "reporting"
},
{
"names": [
"KU Leuven"
],
"summary": "reporting",
"urls": [
"https://www.krackattacks.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple security issues and vulnerabilities within the WPA2 standard have been identified and publicized by Mr. Mathy Vanhoef of KU Leuven. These vulnerabilities may allow the reinstallation of a pairwise transient key, a group key, or an integrity key on either a wireless client or a wireless access point (AP). In consequence, an attacker could establish a man-in-the-middle position between AP and client facilitating packet decryption and injection. \n \necom instruments is a subsidiary company of PEPPERL+FUCHS.",
"title": "Summary"
},
{
"category": "description",
"text": "ecom instruments devices are in theory attackable by replay, decryption and forging of packets. However, to perform the attack, the attacker must be significantly closer to the ecom device than to the access point. The WPA2 password cannot be compromised using a KRACK attack. Note that if WPA-TKIP is used instead of AES-CCMP, an attacker can easily forge and inject packets directly into the WLAN.",
"title": "Impact"
},
{
"category": "description",
"text": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "cert@pepperl-fuchs.com",
"name": "Pepperl+Fuchs SE",
"namespace": "https://www.pepperl-fuchs.com"
},
"references": [
{
"category": "self",
"summary": "VDE-2017-005: Pepperl+Fuchs / ecom instruments: WLAN enabled products utilizing WPA2 encryption - HTML",
"url": "https://certvde.com/en/advisories/VDE-2017-005/"
},
{
"category": "self",
"summary": "VDE-2017-005: Pepperl+Fuchs / ecom instruments: WLAN enabled products utilizing WPA2 encryption - CSAF",
"url": "https://pepperl-fuchs.csaf-tp.certvde.com/.well-known/csaf/white/2017/vde-2017-005.json"
},
{
"category": "external",
"summary": "Vendor PSIRT",
"url": "https://www.pepperl-fuchs.com"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Pepperl+Fuchs SE",
"url": "https://certvde.com/en/advisories/vendor/pepperl-fuchs/"
}
],
"title": "Pepperl+Fuchs / ecom instruments: WLAN enabled products utilizing WPA2 encryption",
"tracking": {
"aliases": [
"VDE-2017-005"
],
"current_release_date": "2018-10-23T10:00:00.000Z",
"generator": {
"date": "2025-06-17T05:29:38.549Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.26"
}
},
"id": "VDE-2017-005",
"initial_release_date": "2017-12-11T13:26:00.000Z",
"revision_history": [
{
"date": "2017-12-11T13:26:00.000Z",
"number": "1.0.0",
"summary": "Initial revision."
},
{
"date": "2018-10-23T10:00:00.000Z",
"number": "1.1.0",
"summary": "Firmware for Android based devices now available."
}
],
"status": "final",
"version": "1.1.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "CK70A-ATEX vers:all/*",
"product_id": "CSAFPID-11001"
}
}
],
"category": "product_name",
"name": "CK70A-ATEX"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "CK71A-ATEX vers:all/*",
"product_id": "CSAFPID-11002"
}
}
],
"category": "product_name",
"name": "CK71A-ATEX"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "CN70A-ATEX vers:all/*",
"product_id": "CSAFPID-11003"
}
}
],
"category": "product_name",
"name": "CN70A-ATEX"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "CN70E-ATEX vers:all/*",
"product_id": "CSAFPID-11004"
}
}
],
"category": "product_name",
"name": "CN70E-ATEX"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Ex-Handy 09 vers:all/*",
"product_id": "CSAFPID-11005"
}
}
],
"category": "product_name",
"name": "Ex-Handy 09"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Ex-Handy 209 vers:all/*",
"product_id": "CSAFPID-11006"
}
}
],
"category": "product_name",
"name": "Ex-Handy 209"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "i.roc Ci70-Ex vers:all/*",
"product_id": "CSAFPID-11007"
}
}
],
"category": "product_name",
"name": "i.roc Ci70-Ex"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Pad-Ex 01 vers:all/*",
"product_id": "CSAFPID-11008"
}
}
],
"category": "product_name",
"name": "Pad-Ex 01"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Smart-Ex 01 vers:all/*",
"product_id": "CSAFPID-11009"
}
}
],
"category": "product_name",
"name": "Smart-Ex 01"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Smart-Ex 201 vers:all/*",
"product_id": "CSAFPID-11010"
}
}
],
"category": "product_name",
"name": "Smart-Ex 201"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Tab-Ex 01 vers:all/*",
"product_id": "CSAFPID-11011"
}
}
],
"category": "product_name",
"name": "Tab-Ex 01"
}
],
"category": "product_family",
"name": "Software"
}
],
"category": "vendor",
"name": "Vendor"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "FOTA-Update",
"product": {
"name": "Android Firmware FOTA-Update",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Android"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
],
"summary": "Affected products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Android Firmware FOTA-Update installed on Smart-Ex 01 vers:all/*",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Android Firmware FOTA-Update installed on Smart-Ex 201 vers:all/*",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11010"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13077",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13077"
},
{
"cve": "CVE-2017-13078",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13078"
},
{
"cve": "CVE-2017-13080",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-13079",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13079"
},
{
"cve": "CVE-2017-13081",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13081"
},
{
"cve": "CVE-2017-13082",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transition (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13082"
},
{
"cve": "CVE-2017-13086",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13086"
},
{
"cve": "CVE-2017-13087",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13087"
},
{
"cve": "CVE-2017-13088",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13088"
}
]
}
VDE-2019-005
Vulnerability from csaf_endresshauserag - Published: 2019-03-19 15:34 - Updated: 2019-03-19 15:34
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Field Xpert SFX350 vers:all/*
Vendor / Hardware / Field Xpert SFX350
|
vers:all/* | ||
|
Field Xpert SFX370 vers:all/*
Vendor / Hardware / Field Xpert SFX370
|
vers:all/* | ||
|
Field Xpert SMT70 vers:all/*
Vendor / Hardware / Field Xpert SMT70
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Field Xpert SFX350 vers:all/*
Vendor / Hardware / Field Xpert SFX350
|
vers:all/* | ||
|
Field Xpert SFX370 vers:all/*
Vendor / Hardware / Field Xpert SFX370
|
vers:all/* | ||
|
Field Xpert SMT70 vers:all/*
Vendor / Hardware / Field Xpert SMT70
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Field Xpert SFX350 vers:all/*
Vendor / Hardware / Field Xpert SFX350
|
vers:all/* | ||
|
Field Xpert SFX370 vers:all/*
Vendor / Hardware / Field Xpert SFX370
|
vers:all/* | ||
|
Field Xpert SMT70 vers:all/*
Vendor / Hardware / Field Xpert SMT70
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Field Xpert SFX350 vers:all/*
Vendor / Hardware / Field Xpert SFX350
|
vers:all/* | ||
|
Field Xpert SFX370 vers:all/*
Vendor / Hardware / Field Xpert SFX370
|
vers:all/* | ||
|
Field Xpert SMT70 vers:all/*
Vendor / Hardware / Field Xpert SMT70
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Field Xpert SFX350 vers:all/*
Vendor / Hardware / Field Xpert SFX350
|
vers:all/* | ||
|
Field Xpert SFX370 vers:all/*
Vendor / Hardware / Field Xpert SFX370
|
vers:all/* | ||
|
Field Xpert SMT70 vers:all/*
Vendor / Hardware / Field Xpert SMT70
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Field Xpert SFX350 vers:all/*
Vendor / Hardware / Field Xpert SFX350
|
vers:all/* | ||
|
Field Xpert SFX370 vers:all/*
Vendor / Hardware / Field Xpert SFX370
|
vers:all/* | ||
|
Field Xpert SMT70 vers:all/*
Vendor / Hardware / Field Xpert SMT70
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Field Xpert SFX350 vers:all/*
Vendor / Hardware / Field Xpert SFX350
|
vers:all/* | ||
|
Field Xpert SFX370 vers:all/*
Vendor / Hardware / Field Xpert SFX370
|
vers:all/* | ||
|
Field Xpert SMT70 vers:all/*
Vendor / Hardware / Field Xpert SMT70
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Field Xpert SFX350 vers:all/*
Vendor / Hardware / Field Xpert SFX350
|
vers:all/* | ||
|
Field Xpert SFX370 vers:all/*
Vendor / Hardware / Field Xpert SFX370
|
vers:all/* | ||
|
Field Xpert SMT70 vers:all/*
Vendor / Hardware / Field Xpert SMT70
|
vers:all/* |
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Field Xpert SFX350 vers:all/*
Vendor / Hardware / Field Xpert SFX350
|
vers:all/* | ||
|
Field Xpert SFX370 vers:all/*
Vendor / Hardware / Field Xpert SFX370
|
vers:all/* | ||
|
Field Xpert SMT70 vers:all/*
Vendor / Hardware / Field Xpert SMT70
|
vers:all/* |
| URL | Category |
|---|---|
| https://certvde.com/en/advisories/VDE-2019-005/ | self |
| https://endress-hauser.csaf-tp.certvde.com/.well-… | self |
| https://www.endress.com | external |
| https://certvde.com/en/advisories/vendor/endress-… | external |
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"names": [
"KU Leuven"
],
"organization": "krack attacks",
"summary": "reporting",
"urls": [
"https://www.krackattacks.com/"
]
},
{
"names": [
"Mathy Vanhoef"
],
"organization": "imec-DistriNet ",
"summary": "reporting"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple security issues and vulnerabilities within the WPA2 standard have been identified and publicized by Mr. Mathy Vanhoef of KU Leuven. These vulnerabilities may allow the reinstallation of a pairwise transient key, a group key, or an integrity key on either a wireless client or a wireless access point (AP). In consequence, an attacker could establish a man-in-the-middle position between AP and client facilitating packet decryption and injection.\nThe Field Xpert SFX370 and SFX350 handhelds are manufactured by Pepperl+Fuchs/ecom instruments for Endress+Hauser.\nThe Advisory for Pepperl+Fuchs/ecom instruments can be found here: VDE-2017-005",
"title": "Summary"
},
{
"category": "description",
"text": "The devices are in theory attackable by replay, decryption and faking of packets. However, to perform the attack, the attacker must be significantly closer to the ecom device than to the access point. The WPA2 password cannot be compromised using a KRACK attack. Note if WPA-TKIP is used instead of AES-CCMP, an attacker can easily fake and inject packets directly into the WIFI.",
"title": "Impact"
},
{
"category": "description",
"text": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@endress.com",
"name": "Endress+Hauser AG",
"namespace": "https://www.endress.com"
},
"references": [
{
"category": "self",
"summary": "VDE-2019-005: Endress+Hauser: WIFI enabled products utilising WPA2 - HTML",
"url": "https://certvde.com/en/advisories/VDE-2019-005/"
},
{
"category": "self",
"summary": "VDE-2019-005: Endress+Hauser: WIFI enabled products utilising WPA2 - CSAF",
"url": "https://endress-hauser.csaf-tp.certvde.com/.well-known/csaf/white/2019/vde-2019-005.json"
},
{
"category": "external",
"summary": "Vendor PSIRT",
"url": "https://www.endress.com"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Endress+Hauser AG",
"url": "https://certvde.com/en/advisories/vendor/endress-hauser/"
}
],
"title": "Endress+Hauser: WIFI enabled products utilising WPA2",
"tracking": {
"aliases": [
"VDE-2019-005"
],
"current_release_date": "2019-03-19T15:34:00.000Z",
"generator": {
"date": "2025-05-26T13:13:31.733Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.26"
}
},
"id": "VDE-2019-005",
"initial_release_date": "2019-03-19T15:34:00.000Z",
"revision_history": [
{
"date": "2019-03-19T15:34:00.000Z",
"number": "1",
"summary": "Initial revision."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Field Xpert SFX350 vers:all/*",
"product_id": "CSAFPID-11001"
}
}
],
"category": "product_name",
"name": "Field Xpert SFX350"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Field Xpert SFX370 vers:all/*",
"product_id": "CSAFPID-11002"
}
}
],
"category": "product_name",
"name": "Field Xpert SFX370"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Field Xpert SMT70 vers:all/*",
"product_id": "CSAFPID-11003"
}
}
],
"category": "product_name",
"name": "Field Xpert SMT70"
}
],
"category": "product_family",
"name": "Hardware"
}
],
"category": "vendor",
"name": "Vendor"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
],
"summary": "Affected products."
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13077",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
}
],
"title": "CVE-2017-13077"
},
{
"cve": "CVE-2017-13078",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
}
],
"title": "CVE-2017-13078"
},
{
"cve": "CVE-2017-13080",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
}
],
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-13079",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
}
],
"title": "CVE-2017-13079"
},
{
"cve": "CVE-2017-13081",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
}
],
"title": "CVE-2017-13081"
},
{
"cve": "CVE-2017-13082",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
}
],
"title": "CVE-2017-13082"
},
{
"cve": "CVE-2017-13086",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
}
],
"title": "CVE-2017-13086"
},
{
"cve": "CVE-2017-13087",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
}
],
"title": "CVE-2017-13087"
},
{
"cve": "CVE-2017-13088",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "For Field Xpert handheld devices (SFX350/SFX370) running Windows Mobile, Endress+Hauser recommends to apply the security updates provided by Microsoft.\n\nIntermec/Honeywell as producer of the basis of the handheld provide the following security patch for the Windows Mobile operating system: SR18012500_802T_Cx70_WM65_ALL.CAB\n\nTo obtain this patch, please contact your local Endress+Hauser representative.\nIf you are using WPA-TKIP in your WLAN, you should switch to AES-CCMP immediately.\nFor Field Xpert tablet PC for device configuration (SMT70) running Windows 10 Pro 1703 64 EN, Endress+Hauser strongly recommends updating to the newest available Windows version.\nAs a general security measure Endress+Hauser strongly recommends to protect network access to the WIFI network with appropriate mechanisms. It is advised to configure the environment in order to run the devices in a protected IT environment.\n\nNote: This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003"
]
}
],
"title": "CVE-2017-13088"
}
]
}
WID-SEC-W-2025-0369
Vulnerability from csaf_certbund - Published: 2017-10-15 22:00 - Updated: 2025-02-16 23:00

| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Specification WPA2
Specification
|
cpe:/h:ieee:wpa2:-
|
— | |
|
Intel BIOS
Intel
|
cpe:/h:intel:bios:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Microsoft Windows 7
Microsoft
|
cpe:/o:microsoft:windows_7:-
|
— | |
|
Sophos Unified Threat Management (UTM) Software
Sophos
|
cpe:/a:sophos:unified_threat_management_software:-
|
— | |
|
Intel Xeon
Intel
|
cpe:/h:intel:xeon:-
|
— | |
|
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:r2:sp1
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AP541N Wireless Access Point
Cisco
|
cpe:/h:cisco:ap541n_wireless_access_point:-
|
— | |
|
Microsoft Windows 8.1
Microsoft
|
cpe:/o:microsoft:windows_8.1:::x86
|
— | |
|
Microsoft Windows Server 2012 R2
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:r2
|
— | |
|
Cisco ASA (Adaptive Security Appliance)
cisco
|
cpe:/a:cisco:adaptive_security_appliance_device_manager:-
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Microsoft Windows Server 2008
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:-
|
— | |
|
OpenBSD OpenBSD
OpenBSD
|
cpe:/o:openbsd:openbsd:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
AVM FRITZ!WLAN
AVM
|
cpe:/h:avm:fritzwlan_repeater:-
|
— | |
|
Microsoft Windows 10 for 32-bit Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Cisco Small Business
Cisco
|
cpe:/h:cisco:small_business:-
|
— | |
|
Microsoft Windows Server 2012
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows 10 for x64-based Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:x64
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
AVM FRITZ!Box
AVM
|
cpe:/o:avm:fritzos:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Fortinet FortiGate
Fortinet
|
cpe:/h:fortinet:fortigate:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Specification WPA2
Specification
|
cpe:/h:ieee:wpa2:-
|
— | |
|
Intel BIOS
Intel
|
cpe:/h:intel:bios:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Microsoft Windows 7
Microsoft
|
cpe:/o:microsoft:windows_7:-
|
— | |
|
Sophos Unified Threat Management (UTM) Software
Sophos
|
cpe:/a:sophos:unified_threat_management_software:-
|
— | |
|
Intel Xeon
Intel
|
cpe:/h:intel:xeon:-
|
— | |
|
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:r2:sp1
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AP541N Wireless Access Point
Cisco
|
cpe:/h:cisco:ap541n_wireless_access_point:-
|
— | |
|
Microsoft Windows 8.1
Microsoft
|
cpe:/o:microsoft:windows_8.1:::x86
|
— | |
|
Microsoft Windows Server 2012 R2
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:r2
|
— | |
|
Cisco ASA (Adaptive Security Appliance)
cisco
|
cpe:/a:cisco:adaptive_security_appliance_device_manager:-
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Microsoft Windows Server 2008
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:-
|
— | |
|
OpenBSD OpenBSD
OpenBSD
|
cpe:/o:openbsd:openbsd:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
AVM FRITZ!WLAN
AVM
|
cpe:/h:avm:fritzwlan_repeater:-
|
— | |
|
Microsoft Windows 10 for 32-bit Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Cisco Small Business
Cisco
|
cpe:/h:cisco:small_business:-
|
— | |
|
Microsoft Windows Server 2012
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows 10 for x64-based Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:x64
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
AVM FRITZ!Box
AVM
|
cpe:/o:avm:fritzos:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Fortinet FortiGate
Fortinet
|
cpe:/h:fortinet:fortigate:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Specification WPA2
Specification
|
cpe:/h:ieee:wpa2:-
|
— | |
|
Intel BIOS
Intel
|
cpe:/h:intel:bios:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Microsoft Windows 7
Microsoft
|
cpe:/o:microsoft:windows_7:-
|
— | |
|
Sophos Unified Threat Management (UTM) Software
Sophos
|
cpe:/a:sophos:unified_threat_management_software:-
|
— | |
|
Intel Xeon
Intel
|
cpe:/h:intel:xeon:-
|
— | |
|
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:r2:sp1
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AP541N Wireless Access Point
Cisco
|
cpe:/h:cisco:ap541n_wireless_access_point:-
|
— | |
|
Microsoft Windows 8.1
Microsoft
|
cpe:/o:microsoft:windows_8.1:::x86
|
— | |
|
Microsoft Windows Server 2012 R2
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:r2
|
— | |
|
Cisco ASA (Adaptive Security Appliance)
cisco
|
cpe:/a:cisco:adaptive_security_appliance_device_manager:-
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Microsoft Windows Server 2008
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:-
|
— | |
|
OpenBSD OpenBSD
OpenBSD
|
cpe:/o:openbsd:openbsd:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
AVM FRITZ!WLAN
AVM
|
cpe:/h:avm:fritzwlan_repeater:-
|
— | |
|
Microsoft Windows 10 for 32-bit Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Cisco Small Business
Cisco
|
cpe:/h:cisco:small_business:-
|
— | |
|
Microsoft Windows Server 2012
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows 10 for x64-based Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:x64
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
AVM FRITZ!Box
AVM
|
cpe:/o:avm:fritzos:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Fortinet FortiGate
Fortinet
|
cpe:/h:fortinet:fortigate:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Specification WPA2
Specification
|
cpe:/h:ieee:wpa2:-
|
— | |
|
Intel BIOS
Intel
|
cpe:/h:intel:bios:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Microsoft Windows 7
Microsoft
|
cpe:/o:microsoft:windows_7:-
|
— | |
|
Sophos Unified Threat Management (UTM) Software
Sophos
|
cpe:/a:sophos:unified_threat_management_software:-
|
— | |
|
Intel Xeon
Intel
|
cpe:/h:intel:xeon:-
|
— | |
|
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:r2:sp1
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AP541N Wireless Access Point
Cisco
|
cpe:/h:cisco:ap541n_wireless_access_point:-
|
— | |
|
Microsoft Windows 8.1
Microsoft
|
cpe:/o:microsoft:windows_8.1:::x86
|
— | |
|
Microsoft Windows Server 2012 R2
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:r2
|
— | |
|
Cisco ASA (Adaptive Security Appliance)
cisco
|
cpe:/a:cisco:adaptive_security_appliance_device_manager:-
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Microsoft Windows Server 2008
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:-
|
— | |
|
OpenBSD OpenBSD
OpenBSD
|
cpe:/o:openbsd:openbsd:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
AVM FRITZ!WLAN
AVM
|
cpe:/h:avm:fritzwlan_repeater:-
|
— | |
|
Microsoft Windows 10 for 32-bit Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Cisco Small Business
Cisco
|
cpe:/h:cisco:small_business:-
|
— | |
|
Microsoft Windows Server 2012
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows 10 for x64-based Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:x64
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
AVM FRITZ!Box
AVM
|
cpe:/o:avm:fritzos:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Fortinet FortiGate
Fortinet
|
cpe:/h:fortinet:fortigate:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Specification WPA2
Specification
|
cpe:/h:ieee:wpa2:-
|
— | |
|
Intel BIOS
Intel
|
cpe:/h:intel:bios:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Microsoft Windows 7
Microsoft
|
cpe:/o:microsoft:windows_7:-
|
— | |
|
Sophos Unified Threat Management (UTM) Software
Sophos
|
cpe:/a:sophos:unified_threat_management_software:-
|
— | |
|
Intel Xeon
Intel
|
cpe:/h:intel:xeon:-
|
— | |
|
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:r2:sp1
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AP541N Wireless Access Point
Cisco
|
cpe:/h:cisco:ap541n_wireless_access_point:-
|
— | |
|
Microsoft Windows 8.1
Microsoft
|
cpe:/o:microsoft:windows_8.1:::x86
|
— | |
|
Microsoft Windows Server 2012 R2
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:r2
|
— | |
|
Cisco ASA (Adaptive Security Appliance)
cisco
|
cpe:/a:cisco:adaptive_security_appliance_device_manager:-
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Microsoft Windows Server 2008
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:-
|
— | |
|
OpenBSD OpenBSD
OpenBSD
|
cpe:/o:openbsd:openbsd:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
AVM FRITZ!WLAN
AVM
|
cpe:/h:avm:fritzwlan_repeater:-
|
— | |
|
Microsoft Windows 10 for 32-bit Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Cisco Small Business
Cisco
|
cpe:/h:cisco:small_business:-
|
— | |
|
Microsoft Windows Server 2012
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows 10 for x64-based Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:x64
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
AVM FRITZ!Box
AVM
|
cpe:/o:avm:fritzos:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Fortinet FortiGate
Fortinet
|
cpe:/h:fortinet:fortigate:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Specification WPA2
Specification
|
cpe:/h:ieee:wpa2:-
|
— | |
|
Intel BIOS
Intel
|
cpe:/h:intel:bios:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Microsoft Windows 7
Microsoft
|
cpe:/o:microsoft:windows_7:-
|
— | |
|
Sophos Unified Threat Management (UTM) Software
Sophos
|
cpe:/a:sophos:unified_threat_management_software:-
|
— | |
|
Intel Xeon
Intel
|
cpe:/h:intel:xeon:-
|
— | |
|
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:r2:sp1
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AP541N Wireless Access Point
Cisco
|
cpe:/h:cisco:ap541n_wireless_access_point:-
|
— | |
|
Microsoft Windows 8.1
Microsoft
|
cpe:/o:microsoft:windows_8.1:::x86
|
— | |
|
Microsoft Windows Server 2012 R2
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:r2
|
— | |
|
Cisco ASA (Adaptive Security Appliance)
cisco
|
cpe:/a:cisco:adaptive_security_appliance_device_manager:-
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Microsoft Windows Server 2008
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:-
|
— | |
|
OpenBSD OpenBSD
OpenBSD
|
cpe:/o:openbsd:openbsd:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
AVM FRITZ!WLAN
AVM
|
cpe:/h:avm:fritzwlan_repeater:-
|
— | |
|
Microsoft Windows 10 for 32-bit Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Cisco Small Business
Cisco
|
cpe:/h:cisco:small_business:-
|
— | |
|
Microsoft Windows Server 2012
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows 10 for x64-based Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:x64
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
AVM FRITZ!Box
AVM
|
cpe:/o:avm:fritzos:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Fortinet FortiGate
Fortinet
|
cpe:/h:fortinet:fortigate:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Specification WPA2
Specification
|
cpe:/h:ieee:wpa2:-
|
— | |
|
Intel BIOS
Intel
|
cpe:/h:intel:bios:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Microsoft Windows 7
Microsoft
|
cpe:/o:microsoft:windows_7:-
|
— | |
|
Sophos Unified Threat Management (UTM) Software
Sophos
|
cpe:/a:sophos:unified_threat_management_software:-
|
— | |
|
Intel Xeon
Intel
|
cpe:/h:intel:xeon:-
|
— | |
|
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:r2:sp1
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AP541N Wireless Access Point
Cisco
|
cpe:/h:cisco:ap541n_wireless_access_point:-
|
— | |
|
Microsoft Windows 8.1
Microsoft
|
cpe:/o:microsoft:windows_8.1:::x86
|
— | |
|
Microsoft Windows Server 2012 R2
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:r2
|
— | |
|
Cisco ASA (Adaptive Security Appliance)
cisco
|
cpe:/a:cisco:adaptive_security_appliance_device_manager:-
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Microsoft Windows Server 2008
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:-
|
— | |
|
OpenBSD OpenBSD
OpenBSD
|
cpe:/o:openbsd:openbsd:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
AVM FRITZ!WLAN
AVM
|
cpe:/h:avm:fritzwlan_repeater:-
|
— | |
|
Microsoft Windows 10 for 32-bit Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Cisco Small Business
Cisco
|
cpe:/h:cisco:small_business:-
|
— | |
|
Microsoft Windows Server 2012
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows 10 for x64-based Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:x64
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
AVM FRITZ!Box
AVM
|
cpe:/o:avm:fritzos:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Fortinet FortiGate
Fortinet
|
cpe:/h:fortinet:fortigate:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Specification WPA2
Specification
|
cpe:/h:ieee:wpa2:-
|
— | |
|
Intel BIOS
Intel
|
cpe:/h:intel:bios:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Microsoft Windows 7
Microsoft
|
cpe:/o:microsoft:windows_7:-
|
— | |
|
Sophos Unified Threat Management (UTM) Software
Sophos
|
cpe:/a:sophos:unified_threat_management_software:-
|
— | |
|
Intel Xeon
Intel
|
cpe:/h:intel:xeon:-
|
— | |
|
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:r2:sp1
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AP541N Wireless Access Point
Cisco
|
cpe:/h:cisco:ap541n_wireless_access_point:-
|
— | |
|
Microsoft Windows 8.1
Microsoft
|
cpe:/o:microsoft:windows_8.1:::x86
|
— | |
|
Microsoft Windows Server 2012 R2
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:r2
|
— | |
|
Cisco ASA (Adaptive Security Appliance)
cisco
|
cpe:/a:cisco:adaptive_security_appliance_device_manager:-
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Microsoft Windows Server 2008
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:-
|
— | |
|
OpenBSD OpenBSD
OpenBSD
|
cpe:/o:openbsd:openbsd:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
AVM FRITZ!WLAN
AVM
|
cpe:/h:avm:fritzwlan_repeater:-
|
— | |
|
Microsoft Windows 10 for 32-bit Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Cisco Small Business
Cisco
|
cpe:/h:cisco:small_business:-
|
— | |
|
Microsoft Windows Server 2012
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows 10 for x64-based Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:x64
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
AVM FRITZ!Box
AVM
|
cpe:/o:avm:fritzos:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Fortinet FortiGate
Fortinet
|
cpe:/h:fortinet:fortigate:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Specification WPA2
Specification
|
cpe:/h:ieee:wpa2:-
|
— | |
|
Intel BIOS
Intel
|
cpe:/h:intel:bios:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Microsoft Windows 7
Microsoft
|
cpe:/o:microsoft:windows_7:-
|
— | |
|
Sophos Unified Threat Management (UTM) Software
Sophos
|
cpe:/a:sophos:unified_threat_management_software:-
|
— | |
|
Intel Xeon
Intel
|
cpe:/h:intel:xeon:-
|
— | |
|
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:r2:sp1
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AP541N Wireless Access Point
Cisco
|
cpe:/h:cisco:ap541n_wireless_access_point:-
|
— | |
|
Microsoft Windows 8.1
Microsoft
|
cpe:/o:microsoft:windows_8.1:::x86
|
— | |
|
Microsoft Windows Server 2012 R2
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:r2
|
— | |
|
Cisco ASA (Adaptive Security Appliance)
cisco
|
cpe:/a:cisco:adaptive_security_appliance_device_manager:-
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Microsoft Windows Server 2008
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:-
|
— | |
|
OpenBSD OpenBSD
OpenBSD
|
cpe:/o:openbsd:openbsd:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
AVM FRITZ!WLAN
AVM
|
cpe:/h:avm:fritzwlan_repeater:-
|
— | |
|
Microsoft Windows 10 for 32-bit Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Cisco Small Business
Cisco
|
cpe:/h:cisco:small_business:-
|
— | |
|
Microsoft Windows Server 2012
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows 10 for x64-based Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:x64
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
AVM FRITZ!Box
AVM
|
cpe:/o:avm:fritzos:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Fortinet FortiGate
Fortinet
|
cpe:/h:fortinet:fortigate:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Cisco IP Phone
Cisco
|
cpe:/h:cisco:ip_phone:-
|
— | |
|
Specification WPA2
Specification
|
cpe:/h:ieee:wpa2:-
|
— | |
|
Intel BIOS
Intel
|
cpe:/h:intel:bios:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Juniper ScreenOS
Juniper
|
cpe:/o:juniper:screenos:-
|
— | |
|
FreeBSD Project FreeBSD OS
FreeBSD Project
|
cpe:/o:freebsd:freebsd:-
|
— | |
|
Microsoft Windows 7
Microsoft
|
cpe:/o:microsoft:windows_7:-
|
— | |
|
Sophos Unified Threat Management (UTM) Software
Sophos
|
cpe:/a:sophos:unified_threat_management_software:-
|
— | |
|
Intel Xeon
Intel
|
cpe:/h:intel:xeon:-
|
— | |
|
Microsoft Windows Server 2008 R2 Service Pack 1
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:r2:sp1
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Cisco AP541N Wireless Access Point
Cisco
|
cpe:/h:cisco:ap541n_wireless_access_point:-
|
— | |
|
Microsoft Windows 8.1
Microsoft
|
cpe:/o:microsoft:windows_8.1:::x86
|
— | |
|
Microsoft Windows Server 2012 R2
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:r2
|
— | |
|
Cisco ASA (Adaptive Security Appliance)
cisco
|
cpe:/a:cisco:adaptive_security_appliance_device_manager:-
|
— | |
|
Juniper JUNOS
Juniper
|
cpe:/o:juniper:junos:-
|
— | |
|
Cisco Aironet Access Point
cisco
|
cpe:/h:cisco:aironet_3500:-
|
— | |
|
Juniper SRX Series
Juniper
|
cpe:/h:juniper:srx_service_gateways:-
|
— | |
|
Microsoft Windows Server 2008
Microsoft / Windows Server 2008 Service Pack 2
|
cpe:/o:microsoft:windows_server_2008:-
|
— | |
|
OpenBSD OpenBSD
OpenBSD
|
cpe:/o:openbsd:openbsd:-
|
— | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
AVM FRITZ!WLAN
AVM
|
cpe:/h:avm:fritzwlan_repeater:-
|
— | |
|
Microsoft Windows 10 for 32-bit Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:-
|
— | |
|
Cisco Small Business
Cisco
|
cpe:/h:cisco:small_business:-
|
— | |
|
Microsoft Windows Server 2012
Microsoft / Windows Server 2012
|
cpe:/o:microsoft:windows_server_2012:-
|
— | |
|
Microsoft Windows 10 for x64-based Systems
Microsoft / Windows 10
|
cpe:/o:microsoft:windows_10:x64
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Cisco AnyConnect Secure Mobility Solution
Cisco
|
cpe:/a:cisco:anyconnect_secure_mobility_client:-
|
— | |
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
AVM FRITZ!Box
AVM
|
cpe:/o:avm:fritzos:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Fortinet FortiGate
Fortinet
|
cpe:/h:fortinet:fortigate:-
|
— | |
|
Microsoft Windows Server 2016
Microsoft
|
cpe:/o:microsoft:windows_server_2016:-
|
— |
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "WPA2 ist der aktuelle Verschl\u00fcsselungsstandard f\u00fcr Wireless LAN.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IEEE WPA2 ausnutzen, um Sicherheitsvorkehrungen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Android\n- Appliance\n- BIOS/Firmware\n- CISCO Appliance\n- Hardware Appliance\n- iPhoneOS\n- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0369 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2025-0369.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0369 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0369"
},
{
"category": "external",
"summary": "Meldung auf der OSS-Sec Mailing Liste vom 2017-10-16",
"url": "http://seclists.org/oss-sec/2017/q4/83"
},
{
"category": "external",
"summary": "Meldung auf Krack Attack Stand 2017-10-16",
"url": "https://www.krackattacks.com/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-3999-1 vom 2017-10-16",
"url": "https://lists.debian.org/debian-security-announce/2017/msg00261.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00101 vom 2017-10-16",
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00101\u0026languageid=en-fr"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3455-1 vom 2017-10-16",
"url": "http://www.ubuntu.com/usn/usn-3455-1/"
},
{
"category": "external",
"summary": "Sophos Knowledge Base #127658",
"url": "https://community.sophos.com/kb/en-us/127658"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-20171016-wpa vom 2017-10-17",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"category": "external",
"summary": "Microsoft Security Guidance CVE-2017-13080 vom 2017-10-16",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA10827 vom 2017-10-16",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10827"
},
{
"category": "external",
"summary": "FreeBSD Security Notice vom 2017-10-16",
"url": "https://lists.freebsd.org/pipermail/freebsd-announce/2017-October/001805.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:2745-1 vom 2017-10-17",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172745-1.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2907 vom 2017-10-18",
"url": "https://access.redhat.com/errata/RHSA-2017:2907"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:2752-1 vom 2017-10-18",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172752-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2017-2907 vom 2017-10-18",
"url": "http://linux.oracle.com/errata/ELSA-2017-2907.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2017:2907 vom 2017-10-17",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2017-2907-Important-CentOS-7-wpa-supplicant-Security-Update-tp4644777.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2911 vom 2017-10-18",
"url": "https://access.redhat.com/errata/RHSA-2017:2911"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2017:2911 vom 2017-10-18",
"url": "https://lists.centos.org/pipermail/centos-announce/2017-October/022570.html"
},
{
"category": "external",
"summary": "Meldung von AVM Stand 2017-10-19",
"url": "https://avm.de/service/aktuelle-sicherheitshinweise/"
},
{
"category": "external",
"summary": "Fortinet Advisory FG-IR-17-196 vom 2017-10-24",
"url": "http://fortiguard.com/psirt/FG-IR-17-196"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:2847-1 vom 2017-10-25",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172847-1.html"
},
{
"category": "external",
"summary": "Update des Cisco Security Advisory cisco-sa-20171016-wpa Stand 2017-10-25",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:2869-1 vom 2017-10-27",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172869-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:2908-1 vom 2017-10-30",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172908-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:2920-1 vom 2017-11-02",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172920-1.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00093 vom 2017-11-21",
"url": "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00093\u0026languageid=en-fr"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:3117-1 vom 2017-11-30",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173117-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:3123-1 vom 2017-11-30",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173123-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:3118-1 vom 2017-11-30",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173118-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:3125-1 vom 2017-11-30",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173125-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:3132-1 vom 2017-11-30",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173132-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:3119-1 vom 2017-11-30",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173119-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:3124-1 vom 2017-11-30",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173124-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:3131-1 vom 2017-11-30",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173131-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:3130-1 vom 2017-11-30",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173130-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:3127-1 vom 2017-11-30",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173127-1.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3505-1 vom 2017-12-06",
"url": "http://www.ubuntu.com/usn/usn-3505-1/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:3265-1 vom 2017-12-12",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173265-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:0040-1 vom 2018-01-09",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20180040-1.html"
},
{
"category": "external",
"summary": "Blackberry Advisory Article Number: 000046425",
"url": "http://support.blackberry.com/kb/articleDetail?language=en_US\u0026articleNumber=000046425"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:3424-1 vom 2020-11-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007819.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:3380-1 vom 2020-11-19",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007800.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2022:1853-1 vom 2022-05-26",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-May/011164.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14791-1 vom 2025-02-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7ILZHMVR4NNCE6NWCEPZ2BVWZXYSWRTS/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14770-1 vom 2025-02-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/WU6USOH6Z5LBH65E37F7SXQ2ZCYMYO4C/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14778-1 vom 2025-02-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/E3XCURBMJRRPRVU3EVKDNACDUEBSYOCK/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14777-1 vom 2025-02-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/K4CQIJEA5UAOBWUSUVTBHDHKQNBQURQG/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14787-1 vom 2025-02-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/FWMIURVH3RGSXYDDHGU2A5NU4OI3OLPB/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14796-1 vom 2025-02-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/JRVYJFDMGL4ZFIAYJKJTQHRR5SPMPZJ2/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14776-1 vom 2025-02-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5VY6LKWXFA5DZKFFJWA52HJLZ3GJXUDB/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14800-1 vom 2025-02-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/XIORKETHKWBJRRYF55G3J3DL3T7QGOEL/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14797-1 vom 2025-02-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/RLB6EQ4PQFULA6326VPRQRWW66T32SST/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14804-1 vom 2025-02-14",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/EISBLM6MW64JFKX5G6QNSKXKI34QXKQ4/"
}
],
"source_lang": "en-US",
"title": "IEEE WPA2: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-02-16T23:00:00.000+00:00",
"generator": {
"date": "2025-02-17T09:16:50.201+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0369",
"initial_release_date": "2017-10-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2017-10-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2017-10-15T22:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-10-16T22:00:00.000+00:00",
"number": "3",
"summary": "New remediations available"
},
{
"date": "2017-10-16T22:00:00.000+00:00",
"number": "4",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-10-16T22:00:00.000+00:00",
"number": "5",
"summary": "New remediations available"
},
{
"date": "2017-10-16T22:00:00.000+00:00",
"number": "6",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-10-16T22:00:00.000+00:00",
"number": "7",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-10-16T22:00:00.000+00:00",
"number": "8",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-10-16T22:00:00.000+00:00",
"number": "9",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-10-17T22:00:00.000+00:00",
"number": "10",
"summary": "New remediations available"
},
{
"date": "2017-10-17T22:00:00.000+00:00",
"number": "11",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-10-17T22:00:00.000+00:00",
"number": "12",
"summary": "New remediations available"
},
{
"date": "2017-10-19T22:00:00.000+00:00",
"number": "13",
"summary": "new affected product"
},
{
"date": "2017-10-24T22:00:00.000+00:00",
"number": "14",
"summary": "New remediations available"
},
{
"date": "2017-10-24T22:00:00.000+00:00",
"number": "15",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-10-25T22:00:00.000+00:00",
"number": "16",
"summary": "New remediations available"
},
{
"date": "2017-10-25T22:00:00.000+00:00",
"number": "17",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-10-29T23:00:00.000+00:00",
"number": "18",
"summary": "New remediations available"
},
{
"date": "2017-10-31T23:00:00.000+00:00",
"number": "19",
"summary": "New remediations available"
},
{
"date": "2017-11-02T23:00:00.000+00:00",
"number": "20",
"summary": "New remediations available"
},
{
"date": "2017-11-06T23:00:00.000+00:00",
"number": "21",
"summary": "Added references"
},
{
"date": "2017-11-21T23:00:00.000+00:00",
"number": "22",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-11-29T23:00:00.000+00:00",
"number": "23",
"summary": "New remediations available"
},
{
"date": "2017-11-29T23:00:00.000+00:00",
"number": "24",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-11-29T23:00:00.000+00:00",
"number": "25",
"summary": "New remediations available"
},
{
"date": "2017-12-05T23:00:00.000+00:00",
"number": "26",
"summary": "New remediations available"
},
{
"date": "2017-12-11T23:00:00.000+00:00",
"number": "27",
"summary": "New remediations available"
},
{
"date": "2018-01-08T23:00:00.000+00:00",
"number": "28",
"summary": "New remediations available"
},
{
"date": "2018-01-28T23:00:00.000+00:00",
"number": "29",
"summary": "New remediations available"
},
{
"date": "2020-11-19T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2022-05-26T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-02-13T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-02-16T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von openSUSE aufgenommen"
}
],
"status": "final",
"version": "33"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "AVM FRITZ!Box",
"product": {
"name": "AVM FRITZ!Box",
"product_id": "T002543",
"product_identification_helper": {
"cpe": "cpe:/o:avm:fritzos:-"
}
}
},
{
"category": "product_name",
"name": "AVM FRITZ!WLAN",
"product": {
"name": "AVM FRITZ!WLAN",
"product_id": "T011056",
"product_identification_helper": {
"cpe": "cpe:/h:avm:fritzwlan_repeater:-"
}
}
}
],
"category": "vendor",
"name": "AVM"
},
{
"branches": [
{
"category": "product_name",
"name": "Cisco AP541N Wireless Access Point",
"product": {
"name": "Cisco AP541N Wireless Access Point",
"product_id": "T000634",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:ap541n_wireless_access_point:-"
}
}
},
{
"category": "product_name",
"name": "Cisco AnyConnect Secure Mobility Solution",
"product": {
"name": "Cisco AnyConnect Secure Mobility Solution",
"product_id": "T001830",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:anyconnect_secure_mobility_client:-"
}
}
},
{
"category": "product_name",
"name": "Cisco IP Phone",
"product": {
"name": "Cisco IP Phone",
"product_id": "2070",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:ip_phone:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Small Business",
"product": {
"name": "Cisco Small Business",
"product_id": "T006607",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:small_business:-"
}
}
}
],
"category": "vendor",
"name": "Cisco"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fortinet FortiGate",
"product": {
"name": "Fortinet FortiGate",
"product_id": "T004020",
"product_identification_helper": {
"cpe": "cpe:/h:fortinet:fortigate:-"
}
}
},
{
"category": "product_name",
"name": "Fortinet FortiOS",
"product": {
"name": "Fortinet FortiOS",
"product_id": "T009615",
"product_identification_helper": {
"cpe": "cpe:/o:fortinet:fortios:-"
}
}
}
],
"category": "vendor",
"name": "Fortinet"
},
{
"branches": [
{
"category": "product_name",
"name": "FreeBSD Project FreeBSD OS",
"product": {
"name": "FreeBSD Project FreeBSD OS",
"product_id": "4035",
"product_identification_helper": {
"cpe": "cpe:/o:freebsd:freebsd:-"
}
}
}
],
"category": "vendor",
"name": "FreeBSD Project"
},
{
"branches": [
{
"category": "product_name",
"name": "Intel BIOS",
"product": {
"name": "Intel BIOS",
"product_id": "T010955",
"product_identification_helper": {
"cpe": "cpe:/h:intel:bios:-"
}
}
},
{
"category": "product_name",
"name": "Intel Xeon",
"product": {
"name": "Intel Xeon",
"product_id": "T011286",
"product_identification_helper": {
"cpe": "cpe:/h:intel:xeon:-"
}
}
}
],
"category": "vendor",
"name": "Intel"
},
{
"branches": [
{
"category": "product_name",
"name": "Juniper JUNOS",
"product": {
"name": "Juniper JUNOS",
"product_id": "5930",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:junos:-"
}
}
},
{
"category": "product_name",
"name": "Juniper SRX Series",
"product": {
"name": "Juniper SRX Series",
"product_id": "T008011",
"product_identification_helper": {
"cpe": "cpe:/h:juniper:srx_service_gateways:-"
}
}
},
{
"category": "product_name",
"name": "Juniper ScreenOS",
"product": {
"name": "Juniper ScreenOS",
"product_id": "T008638",
"product_identification_helper": {
"cpe": "cpe:/o:juniper:screenos:-"
}
}
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Microsoft Windows 10 for 32-bit Systems",
"product": {
"name": "Microsoft Windows 10 for 32-bit Systems",
"product_id": "T005617",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows 10 for x64-based Systems",
"product": {
"name": "Microsoft Windows 10 for x64-based Systems",
"product_id": "T005618",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_10:x64"
}
}
}
],
"category": "product_name",
"name": "Windows 10"
},
{
"category": "product_name",
"name": "Microsoft Windows 7",
"product": {
"name": "Microsoft Windows 7",
"product_id": "100461",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_7:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows 8.1",
"product": {
"name": "Microsoft Windows 8.1",
"product_id": "T002139",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_8.1:::x86"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "Microsoft Windows Server 2008",
"product": {
"name": "Microsoft Windows Server 2008",
"product_id": "103824",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2008:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2008 R2 Service Pack 1",
"product": {
"name": "Microsoft Windows Server 2008 R2 Service Pack 1",
"product_id": "149499",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2008:r2:sp1"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2008 Service Pack 2"
},
{
"branches": [
{
"category": "product_name",
"name": "Microsoft Windows Server 2012",
"product": {
"name": "Microsoft Windows Server 2012",
"product_id": "185379",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2012:-"
}
}
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2012 R2",
"product": {
"name": "Microsoft Windows Server 2012 R2",
"product_id": "T002138",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2012:r2"
}
}
}
],
"category": "product_name",
"name": "Windows Server 2012"
},
{
"category": "product_name",
"name": "Microsoft Windows Server 2016",
"product": {
"name": "Microsoft Windows Server 2016",
"product_id": "T008880",
"product_identification_helper": {
"cpe": "cpe:/o:microsoft:windows_server_2016:-"
}
}
}
],
"category": "vendor",
"name": "Microsoft"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "OpenBSD OpenBSD",
"product": {
"name": "OpenBSD OpenBSD",
"product_id": "8222",
"product_identification_helper": {
"cpe": "cpe:/o:openbsd:openbsd:-"
}
}
}
],
"category": "vendor",
"name": "OpenBSD"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Sophos Unified Threat Management (UTM) Software",
"product": {
"name": "Sophos Unified Threat Management (UTM) Software",
"product_id": "T006910",
"product_identification_helper": {
"cpe": "cpe:/a:sophos:unified_threat_management_software:-"
}
}
}
],
"category": "vendor",
"name": "Sophos"
},
{
"branches": [
{
"category": "product_name",
"name": "Specification WPA2",
"product": {
"name": "Specification WPA2",
"product_id": "T010954",
"product_identification_helper": {
"cpe": "cpe:/h:ieee:wpa2:-"
}
}
}
],
"category": "vendor",
"name": "Specification"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"category": "product_name",
"name": "Cisco ASA (Adaptive Security Appliance)",
"product": {
"name": "Cisco ASA (Adaptive Security Appliance)",
"product_id": "138049",
"product_identification_helper": {
"cpe": "cpe:/a:cisco:adaptive_security_appliance_device_manager:-"
}
}
},
{
"category": "product_name",
"name": "Cisco Aironet Access Point",
"product": {
"name": "Cisco Aironet Access Point",
"product_id": "177610",
"product_identification_helper": {
"cpe": "cpe:/h:cisco:aironet_3500:-"
}
}
}
],
"category": "vendor",
"name": "cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13077",
"product_status": {
"known_affected": [
"2070",
"T010954",
"T010955",
"67646",
"T008638",
"4035",
"100461",
"T006910",
"T011286",
"149499",
"T004914",
"T000634",
"T002139",
"T002138",
"138049",
"5930",
"177610",
"T008011",
"103824",
"8222",
"T009615",
"T011056",
"T005617",
"T006607",
"185379",
"T005618",
"2951",
"T002207",
"T000126",
"T001830",
"T027843",
"T002543",
"1727",
"T004020",
"T008880"
]
},
"release_date": "2017-10-15T22:00:00.000+00:00",
"title": "CVE-2017-13077"
},
{
"cve": "CVE-2017-13078",
"product_status": {
"known_affected": [
"2070",
"T010954",
"T010955",
"67646",
"T008638",
"4035",
"100461",
"T006910",
"T011286",
"149499",
"T004914",
"T000634",
"T002139",
"T002138",
"138049",
"5930",
"177610",
"T008011",
"103824",
"8222",
"T009615",
"T011056",
"T005617",
"T006607",
"185379",
"T005618",
"2951",
"T002207",
"T000126",
"T001830",
"T027843",
"T002543",
"1727",
"T004020",
"T008880"
]
},
"release_date": "2017-10-15T22:00:00.000+00:00",
"title": "CVE-2017-13078"
},
{
"cve": "CVE-2017-13079",
"product_status": {
"known_affected": [
"2070",
"T010954",
"T010955",
"67646",
"T008638",
"4035",
"100461",
"T006910",
"T011286",
"149499",
"T004914",
"T000634",
"T002139",
"T002138",
"138049",
"5930",
"177610",
"T008011",
"103824",
"8222",
"T009615",
"T011056",
"T005617",
"T006607",
"185379",
"T005618",
"2951",
"T002207",
"T000126",
"T001830",
"T027843",
"T002543",
"1727",
"T004020",
"T008880"
]
},
"release_date": "2017-10-15T22:00:00.000+00:00",
"title": "CVE-2017-13079"
},
{
"cve": "CVE-2017-13080",
"product_status": {
"known_affected": [
"2070",
"T010954",
"T010955",
"67646",
"T008638",
"4035",
"100461",
"T006910",
"T011286",
"149499",
"T004914",
"T000634",
"T002139",
"T002138",
"138049",
"5930",
"177610",
"T008011",
"103824",
"8222",
"T009615",
"T011056",
"T005617",
"T006607",
"185379",
"T005618",
"2951",
"T002207",
"T000126",
"T001830",
"T027843",
"T002543",
"1727",
"T004020",
"T008880"
]
},
"release_date": "2017-10-15T22:00:00.000+00:00",
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-13081",
"product_status": {
"known_affected": [
"2070",
"T010954",
"T010955",
"67646",
"T008638",
"4035",
"100461",
"T006910",
"T011286",
"149499",
"T004914",
"T000634",
"T002139",
"T002138",
"138049",
"5930",
"177610",
"T008011",
"103824",
"8222",
"T009615",
"T011056",
"T005617",
"T006607",
"185379",
"T005618",
"2951",
"T002207",
"T000126",
"T001830",
"T027843",
"T002543",
"1727",
"T004020",
"T008880"
]
},
"release_date": "2017-10-15T22:00:00.000+00:00",
"title": "CVE-2017-13081"
},
{
"cve": "CVE-2017-13082",
"product_status": {
"known_affected": [
"2070",
"T010954",
"T010955",
"67646",
"T008638",
"4035",
"100461",
"T006910",
"T011286",
"149499",
"T004914",
"T000634",
"T002139",
"T002138",
"138049",
"5930",
"177610",
"T008011",
"103824",
"8222",
"T009615",
"T011056",
"T005617",
"T006607",
"185379",
"T005618",
"2951",
"T002207",
"T000126",
"T001830",
"T027843",
"T002543",
"1727",
"T004020",
"T008880"
]
},
"release_date": "2017-10-15T22:00:00.000+00:00",
"title": "CVE-2017-13082"
},
{
"cve": "CVE-2017-13084",
"product_status": {
"known_affected": [
"2070",
"T010954",
"T010955",
"67646",
"T008638",
"4035",
"100461",
"T006910",
"T011286",
"149499",
"T004914",
"T000634",
"T002139",
"T002138",
"138049",
"5930",
"177610",
"T008011",
"103824",
"8222",
"T009615",
"T011056",
"T005617",
"T006607",
"185379",
"T005618",
"2951",
"T002207",
"T000126",
"T001830",
"T027843",
"T002543",
"1727",
"T004020",
"T008880"
]
},
"release_date": "2017-10-15T22:00:00.000+00:00",
"title": "CVE-2017-13084"
},
{
"cve": "CVE-2017-13086",
"product_status": {
"known_affected": [
"2070",
"T010954",
"T010955",
"67646",
"T008638",
"4035",
"100461",
"T006910",
"T011286",
"149499",
"T004914",
"T000634",
"T002139",
"T002138",
"138049",
"5930",
"177610",
"T008011",
"103824",
"8222",
"T009615",
"T011056",
"T005617",
"T006607",
"185379",
"T005618",
"2951",
"T002207",
"T000126",
"T001830",
"T027843",
"T002543",
"1727",
"T004020",
"T008880"
]
},
"release_date": "2017-10-15T22:00:00.000+00:00",
"title": "CVE-2017-13086"
},
{
"cve": "CVE-2017-13087",
"product_status": {
"known_affected": [
"2070",
"T010954",
"T010955",
"67646",
"T008638",
"4035",
"100461",
"T006910",
"T011286",
"149499",
"T004914",
"T000634",
"T002139",
"T002138",
"138049",
"5930",
"177610",
"T008011",
"103824",
"8222",
"T009615",
"T011056",
"T005617",
"T006607",
"185379",
"T005618",
"2951",
"T002207",
"T000126",
"T001830",
"T027843",
"T002543",
"1727",
"T004020",
"T008880"
]
},
"release_date": "2017-10-15T22:00:00.000+00:00",
"title": "CVE-2017-13087"
},
{
"cve": "CVE-2017-13088",
"product_status": {
"known_affected": [
"2070",
"T010954",
"T010955",
"67646",
"T008638",
"4035",
"100461",
"T006910",
"T011286",
"149499",
"T004914",
"T000634",
"T002139",
"T002138",
"138049",
"5930",
"177610",
"T008011",
"103824",
"8222",
"T009615",
"T011056",
"T005617",
"T006607",
"185379",
"T005618",
"2951",
"T002207",
"T000126",
"T001830",
"T027843",
"T002543",
"1727",
"T004020",
"T008880"
]
},
"release_date": "2017-10-15T22:00:00.000+00:00",
"title": "CVE-2017-13088"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.