VDE-2017-005
Vulnerability from csaf_pepperlfuchsse - Published: 2017-12-11 13:26 - Updated: 2018-10-23 10:00Summary
Pepperl+Fuchs / ecom instruments: WLAN enabled products utilizing WPA2 encryption
Notes
Summary: Multiple security issues and vulnerabilities within the WPA2 standard have been identified and publicized by Mr. Mathy Vanhoef of KU Leuven. These vulnerabilities may allow the reinstallation of a pairwise transient key, a group key, or an integrity key on either a wireless client or a wireless access point (AP). In consequence, an attacker could establish a man-in-the-middle position between AP and client facilitating packet decryption and injection.
ecom instruments is a subsidiary company of PEPPERL+FUCHS.
Impact: ecom instruments devices are in theory attackable by replay, decryption and forging of packets. However, to perform the attack, the attacker must be significantly closer to the ecom device than to the access point. The WPA2 password cannot be compromised using a KRACK attack. Note if WPA-TKIP is used instead of AES-CCMP, an attacker can easily forge and inject packets directly into the WLAN.
Remediation: ### Android
**Affected Products:**
Tab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201
Pepperl+Fuchs has released firmware updates for the following products:
| Product | Date | Update Source |
|---------------|-----------------------|----------------|
| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |
| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |
---
### Windows
**Affected Products:**
Pad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX
For *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft.
If you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.
> **Note:**
> This advisory will be updated as further details and/or software updates become available.
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
6.8 (Medium)
Vendor Fix
### Android
**Affected Products:**
Tab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201
Pepperl+Fuchs has released firmware updates for the following products:
| Product | Date | Update Source |
|---------------|-----------------------|----------------|
| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |
| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |
---
### Windows
**Affected Products:**
Pad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX
For *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft.
If you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.
> **Note:**
> This advisory will be updated as further details and/or software updates become available.
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.
5.3 (Medium)
Vendor Fix
### Android
**Affected Products:**
Tab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201
Pepperl+Fuchs has released firmware updates for the following products:
| Product | Date | Update Source |
|---------------|-----------------------|----------------|
| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |
| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |
---
### Windows
**Affected Products:**
Pad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX
For *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft.
If you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.
> **Note:**
> This advisory will be updated as further details and/or software updates become available.
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.
5.3 (Medium)
Vendor Fix
### Android
**Affected Products:**
Tab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201
Pepperl+Fuchs has released firmware updates for the following products:
| Product | Date | Update Source |
|---------------|-----------------------|----------------|
| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |
| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |
---
### Windows
**Affected Products:**
Pad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX
For *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft.
If you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.
> **Note:**
> This advisory will be updated as further details and/or software updates become available.
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
5.3 (Medium)
Vendor Fix
### Android
**Affected Products:**
Tab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201
Pepperl+Fuchs has released firmware updates for the following products:
| Product | Date | Update Source |
|---------------|-----------------------|----------------|
| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |
| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |
---
### Windows
**Affected Products:**
Pad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX
For *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft.
If you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.
> **Note:**
> This advisory will be updated as further details and/or software updates become available.
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
5.3 (Medium)
Vendor Fix
### Android
**Affected Products:**
Tab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201
Pepperl+Fuchs has released firmware updates for the following products:
| Product | Date | Update Source |
|---------------|-----------------------|----------------|
| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |
| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |
---
### Windows
**Affected Products:**
Pad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX
For *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft.
If you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.
> **Note:**
> This advisory will be updated as further details and/or software updates become available.
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
8.1 (High)
Vendor Fix
### Android
**Affected Products:**
Tab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201
Pepperl+Fuchs has released firmware updates for the following products:
| Product | Date | Update Source |
|---------------|-----------------------|----------------|
| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |
| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |
---
### Windows
**Affected Products:**
Pad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX
For *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft.
If you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.
> **Note:**
> This advisory will be updated as further details and/or software updates become available.
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
6.8 (Medium)
Vendor Fix
### Android
**Affected Products:**
Tab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201
Pepperl+Fuchs has released firmware updates for the following products:
| Product | Date | Update Source |
|---------------|-----------------------|----------------|
| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |
| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |
---
### Windows
**Affected Products:**
Pad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX
For *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft.
If you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.
> **Note:**
> This advisory will be updated as further details and/or software updates become available.
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
5.3 (Medium)
Vendor Fix
### Android
**Affected Products:**
Tab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201
Pepperl+Fuchs has released firmware updates for the following products:
| Product | Date | Update Source |
|---------------|-----------------------|----------------|
| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |
| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |
---
### Windows
**Affected Products:**
Pad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX
For *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft.
If you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.
> **Note:**
> This advisory will be updated as further details and/or software updates become available.
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.
5.3 (Medium)
Vendor Fix
### Android
**Affected Products:**
Tab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201
Pepperl+Fuchs has released firmware updates for the following products:
| Product | Date | Update Source |
|---------------|-----------------------|----------------|
| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |
| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |
---
### Windows
**Affected Products:**
Pad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX
For *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft.
If you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.
> **Note:**
> This advisory will be updated as further details and/or software updates become available.
References
Acknowledgments
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"names": [
"Mathy Vanhoef"
],
"organization": "imec-DistriNet",
"summary": "reporting"
},
{
"names": [
"KU Leuven"
],
"summary": "reporting",
"urls": [
"https://www.krackattacks.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Multiple security issues and vulnerabilities within the WPA2 standard have been identified and publicized by Mr. Mathy Vanhoef of KU Leuven. These vulnerabilities may allow the reinstallation of a pairwise transient key, a group key, or an integrity key on either a wireless client or a wireless access point (AP). In consequence, an attacker could establish a man-in-the-middle position between AP and client facilitating packet decryption and injection. \n \necom instruments is a subsidiary company of PEPPERL+FUCHS.",
"title": "Summary"
},
{
"category": "description",
"text": "ecom instruments devices are in theory attackable by replay, decryption and forging of packets. However, to perform the attack, the attacker must be significantly closer to the ecom device than to the access point. The WPA2 password cannot be compromised using a KRACK attack. Note if WPA-TKIP is used instead of AES-CCMP, an attacker can easily forge and inject packets directly into the WLAN.",
"title": "Impact"
},
{
"category": "description",
"text": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "cert@pepperl-fuchs.com",
"name": "Pepperl+Fuchs SE",
"namespace": "https://www.pepperl-fuchs.com"
},
"references": [
{
"category": "self",
"summary": "VDE-2017-005: Pepperl+Fuchs / ecom instruments: WLAN enabled products utilizing WPA2 encryption - HTML",
"url": "https://certvde.com/en/advisories/VDE-2017-005/"
},
{
"category": "self",
"summary": "VDE-2017-005: Pepperl+Fuchs / ecom instruments: WLAN enabled products utilizing WPA2 encryption - CSAF",
"url": "https://pepperl-fuchs.csaf-tp.certvde.com/.well-known/csaf/white/2017/vde-2017-005.json"
},
{
"category": "external",
"summary": "Vendor PSIRT",
"url": "https://www.pepperl-fuchs.com"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for Pepperl+Fuchs SE",
"url": "https://certvde.com/en/advisories/vendor/pepperl-fuchs/"
}
],
"title": "Pepperl+Fuchs / ecom instruments: WLAN enabled products utilizing WPA2 encryption",
"tracking": {
"aliases": [
"VDE-2017-005"
],
"current_release_date": "2018-10-23T10:00:00.000Z",
"generator": {
"date": "2025-06-17T05:29:38.549Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.26"
}
},
"id": "VDE-2017-005",
"initial_release_date": "2017-12-11T13:26:00.000Z",
"revision_history": [
{
"date": "2017-12-11T13:26:00.000Z",
"number": "1.0.0",
"summary": "Initial revision."
},
{
"date": "2018-10-23T10:00:00.000Z",
"number": "1.1.0",
"summary": "Firmware for Android based devices now available."
}
],
"status": "final",
"version": "1.1.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "CK70A-ATEX vers:all/*",
"product_id": "CSAFPID-11001"
}
}
],
"category": "product_name",
"name": "CK70A-ATEX"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "CK71A-ATEX vers:all/*",
"product_id": "CSAFPID-11002"
}
}
],
"category": "product_name",
"name": "CK71A-ATEX"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "CN70A-ATEX vers:all/*",
"product_id": "CSAFPID-11003"
}
}
],
"category": "product_name",
"name": "CN70A-ATEX"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "CN70E-ATEX vers:all/*",
"product_id": "CSAFPID-11004"
}
}
],
"category": "product_name",
"name": "CN70E-ATEX"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Ex-Handy 09 vers:all/*",
"product_id": "CSAFPID-11005"
}
}
],
"category": "product_name",
"name": "Ex-Handy 09"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Ex-Handy 209 vers:all/*",
"product_id": "CSAFPID-11006"
}
}
],
"category": "product_name",
"name": "Ex-Handy 209"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "i.roc Ci70-Ex vers:all/*",
"product_id": "CSAFPID-11007"
}
}
],
"category": "product_name",
"name": "i.roc Ci70-Ex"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Pad-Ex 01 vers:all/*",
"product_id": "CSAFPID-11008"
}
}
],
"category": "product_name",
"name": "Pad-Ex 01"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Smart-Ex 01 vers:all/*",
"product_id": "CSAFPID-11009"
}
}
],
"category": "product_name",
"name": "Smart-Ex 01"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Smart-Ex 201 vers:all/*",
"product_id": "CSAFPID-11010"
}
}
],
"category": "product_name",
"name": "Smart-Ex 201"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:all/*",
"product": {
"name": "Tab-Ex 01 vers:all/*",
"product_id": "CSAFPID-11011"
}
}
],
"category": "product_name",
"name": "Tab-Ex 01"
}
],
"category": "product_family",
"name": "Software"
}
],
"category": "vendor",
"name": "Vendor"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "FOTA-Update",
"product": {
"name": "Android Firmware FOTA-Update",
"product_id": "CSAFPID-22001"
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "Android"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
],
"summary": "Affected products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Android Firmware FOTA-Update installed on Smart-Ex 01 vers:all/*",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Android Firmware FOTA-Update installed on Smart-Ex 201 vers:all/*",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11010"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13077",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13077"
},
{
"cve": "CVE-2017-13078",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13078"
},
{
"cve": "CVE-2017-13080",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-13079",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13079"
},
{
"cve": "CVE-2017-13081",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13081"
},
{
"cve": "CVE-2017-13082",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the fast BSS transmission (FT) handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.1,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 8.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13082"
},
{
"cve": "CVE-2017-13086",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 6.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13086"
},
{
"cve": "CVE-2017-13087",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13087"
},
{
"cve": "CVE-2017-13088",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002"
],
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
},
"remediations": [
{
"category": "vendor_fix",
"details": "### Android\n\n**Affected Products:** \nTab-Ex 01, Ex-Handy 09, Ex-Handy 209, Smart-Ex 01, Smart-Ex 201\n\nPepperl+Fuchs has released firmware updates for the following products:\n\n| Product | Date | Update Source |\n|---------------|-----------------------|----------------|\n| Smart-Ex 01 | Available since 09/2018 | FOTA-Update |\n| Smart-Ex 201 | Available since 10/2018 | FOTA-Update |\n\n---\n\n### Windows\n\n**Affected Products:** \nPad-Ex 01, i.roc Ci70-Ex, CK70A-ATEX, CK71A-ATEX, CN70A-ATEX, CN70E-ATEX\n\nFor *ecom instruments* devices running Windows, we recommend to apply the security update provided by Microsoft. \nIf you are using **WPA-TKIP** in your WLAN, you should switch to **AES-CCMP** immediately.\n\n\u003e **Note:** \n\u003e This advisory will be updated as further details and/or software updates become available.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008",
"CSAFPID-11009",
"CSAFPID-11010",
"CSAFPID-11011"
]
}
],
"title": "CVE-2017-13088"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…