cancel
Showing results for 
Search instead for 
Did you mean: 
SamPirok
Community Manager Community Manager
Community Manager

Summary

The adversary can override a security context that the AP associates with a client by spoofing the MAC address of the client and then connecting to the AP. This causes the AP to encrypt traffic towards this client using session keys that the adversary possesses.

 

Products Potentially Affected

OS/Product Exposure
IQ Engine (HiveOS) Yes
Extreme Wireless (IdentiFi) Yes
WiNG Yes

 

Repair Recommendations

  • IQ Engine (HiveOS):
    • PMF and higher level TLS security are recommended.
  • Extreme Wireless (IdentiFi):
    • PMF and higher level TLS security are recommended.
  • WiNG:
    • PMF and higher level TLS security are recommended.
  • Wi-Fi systems should be used with WIPS, like ADSP. ADSP has MAC Spoof Activity Observed alarm which can identify the adversary.

 

Please see the full security advisory article here for more details and updates.

GTM-P2G8KFN