Author Topic: KRACKs WPA2 Vulnerability  (Read 13125 times)

Texturtle

  • Administrator
  • *****
  • Posts: 893
  • RAID is NOT a substitute for a good backup
KRACKs WPA2 Vulnerability
« on: October 20, 2017, 08:50:12 AM »
In WPA2, the wireless LAN encryption technology, there was an announcement that there is a vulnerability called "KRACKs".

Since this is a vulnerability depending on the implementation of the "slave" function of the WPA 2 standard, there is a possible vulnerability when using wireless client / bridge product and wireless routers which have relay functions (WB · WDS, etc.) supporting WPA 2.

We are currently conducting investigations of our products, we will publish information concerning which products are impacted and countermeasures when available.

Please note that if you are not using relay functions (WB · WDS, etc.) with the wireless router, there is no vulnerability, so please use with confidence.


Products without KRACKs issues

 WXR-1900 series
 WXR-190X series
 WXR-1750 series
 WXR-175X series
 WSR-300HP series
 WAPM series
 WAPS series

As soon as vulnerable products are identified we will release a firmware update that will eliminate the vulnerability of the applicable product.
Please update the firmware as soon as it is released.
« Last Edit: December 12, 2017, 09:39:36 AM by Texturtle »

Texturtle

  • Administrator
  • *****
  • Posts: 893
  • RAID is NOT a substitute for a good backup
Re: KRACKs WPA2 Vulnerability
« Reply #1 on: November 10, 2017, 02:07:25 PM »
Buffalo is aware of the recently-publicized security exploit “KRACK”.

Since this vulnerability exploits the client function of the WPA2 standard, it affects wireless USB adapters and wireless routers with bridge mode that support WPA2 (WB · WDS, etc.).

Buffalo is currently investigating its product line to determine which products may be affected by this vulnerability. As the investigation progresses, Buffalo will update this public release with information regarding affected products.


Affected Products (US)
Current Products

Wireless Routers: WHR-300HP2 Series, WSR-1166DD Series, WSR-600DD Series, WZR-600DHP Series, and WHR-300HP2D Series.

We will release a fixed firmware soon. Please update the firmware as soon as it is released.


                                    
Wireless USB Adapters: WI-U2-433DM Series, WI-UC-GNM Series, and WI-U2-300D Series.   

We will release a fixed driver soon. Please update the driver as soon as it is released.
                                    
                                    

Discontinued Products (US)

Wireless Routers: WZR-900DHP Series, WZR-600DHP2 Series, WZR-300HP Series, WXR-1900DHPD Series, WZR-1750DHPD Series, WZR-600DHP2D Series, WZR-450HP2D Series, WZR-HP-AG300H Series, WZR-HP-G450H Series, WZR-HP-G300NH Series, WZR-HP-G300NH2 Series, WHR-600D Series, and WHR-1166D Series.

WHR-1166D updated

We will release a fixed firmware soon. Please update the firmware as soon as it is released.

The following routers have firmware updates available:

WZR-300HP DD-WRT Firmware 30356
WHR-300HP2D DD-WRT Firmware 30357
WZR-600DHP2D DD-WRT Firmware 30357
WZR-600DHP DD-WRT Firmware 30356
WZR-1750DHPD DD-WRT Firmware 30357
WZR-HP-AG300H DD-WRT Firmware 30356
WZR-HP-G300NH DD-WRT Firmware 30356
WZR-HP-G300NH2 DD-WRT Firmware 30356
WZR-HP-G450H DD-WRT Firmware 30357
WZR-HP-G450HP2D DD-WRT Firmware 30356
WZR-1900DHPD DD-WRT NXT Firmware 1.5.5
WSR-600DD DD-WRT NXT Firmware 1.5.5
WSR-1166DD DD-WRT NXT Firmware 1.5.5



                      
Wireless USB Adapters: WLI-UTX-AG300 Series, WLI-UC-G300HP Series, and WLI-TX4-AG300N Series.

We will release a fixed driver soon. Please update the driver as soon as it is released.
   

If you are not using the wireless router in bridge mode (WB · WDS etc.), it will not be affected.
Please check the following to confirm whether bridge mode is in use. (The confirmation method differs depending on the product, so please refer each product’s manual on bridge mode.)


If you set the unit rear switch to "AUTO" during product setup, bridge mode is not enabled.
If you set the unit rear switch to "MANUAL" during product setup and "ROUTER" or "AP" is selected on the switch, bridge mode is not enabled.
If you set the unit rear switch to "MANUAL" during product setup and "WB" is selected on the switch, bridge mode is enabled.

Confirmed Unaffected Products

Current Products

Wireless Router   
WXR-1900DHP Series and WSR-300HP Series: These products can be used safely even in bridge mode. While bridge mode is enabled, the unit rear switch will be set to "WB".
      
Wireless Access Point
WAPM Series and WAPS Series: These products can be used safely as repeaters (WDS enabled).



Discontinued Products

Wireless Router   WMR-433 Series and WMR-300/300S Series   These products can be used safely in bridge mode.

WMR-433 updated, can be used in router mode
      


Workarounds
As soon as the affected products are identified, we will release firmware that patches the vulnerability.
Buffalo strongly recommends that you download the latest firmware as soon as possible after the fixed firmware becomes available.


For inquiries regarding this matter, please contact support@buffalotech.com.

« Last Edit: March 26, 2018, 11:38:41 AM by Texturtle »