VU#228519 - Wi-Fi Protected Access II (WPA2) Vulnerabilities

Recent studies have shown that the WPA2 (Wi-Fi Protected Access II) protocol, which is a widely used Wi-Fi security mechanism, is vulnerable to a Key Reinstallation attack (KRACK). This vulnerability is in the standard definition and not in a specific implementation.

Microchip is committed to providing secure and robust solutions, and as such we make a continuous effort to follow the latest industry practices and recommendations.

Information regarding our Wi-Fi products

WINC15x0 Family

Updated firmware with fixes for KRACK can be found here:

The firmware is recommended for all customers who are currently using the WINC15x0 Rev B silicon.

Part numbers:

  • ATWINC1500-MR210PB
  • ATWINC1510-MR210PB
  • ATWINC1500-MR210UB
  • ATWINC1510-MR210UB
  • ATWINC1500B
  • ATWINC1510B

RN171 / RN131

Updated firmware with fixes for KRACK can be found on the product pages:

RN1723

Updated firmware with fixes for KRACK can be found on the product page:

MRF24Wx0MA/MB

For the latest firmware with fixes for KRACK, please order using the part numbers below:

  • MRF24WG0MA-I/RM110
  • MRF24WG0MB-I/RM110
  • MRF24WG0MBT-I/RM110

RN1810

Affected - will advise a fix soon

WILC1000 / WILC3000 Linux

Because the vulnerabilities are related to the WPA2 protocol, which is implemented in the WPA Supplicant on the Linux host, we highly encourage our customers to identify the needed patches for WPA Supplicant.

The WILC1000 / WILC3000 firmware doesn’t implement any part of the WPA2 handshake or protocol.

Vulnerability Potential Impact:

An attacker within range of an affected access point (AP) and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames.

Detailed information about these vulnerabilities can be found here:

  • CVE-2017-13077: reinstallation of the pairwise key in the Four-way handshake
  • CVE-2017-13078: reinstallation of the group key in the Four-way handshake
  • CVE-2017-13079: reinstallation of the integrity group key in the Four-way handshake
  • CVE-2017-13080: reinstallation of the group key in the Group Key handshake
  • CVE-2017-13081: reinstallation of the integrity group key in the Group Key handshake
  • CVE-2017-13082: accepting a retransmitted Fast BSS Transition Re-association Request and reinstalling the pairwise key while processing it
  • CVE-2017-13084: reinstallation of the STK key in the Peer-Key handshake 
  • CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer-Key (TPK) key in the TDLS handshake
  • CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
  • CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame