TTCSIRT-259.010620: TT-CSIRT ADVISORY- DRAGONBLOOD VULNERABILITIES
Multiple vulnerabilities, referred to as Dragonblood, exist in WiFi WPA3 standard implementation .
Dragonblood vulnerabilities impacting WiFi WPA3 standard implementations can cause password leak, denial of service or authorization bypass. They consist it:
CVE-2019-9494: SAE cache attack against ECC groups (SAE side-channel attacks)
CVE-2019-9495: EAP-PWD cache attack against ECC groups (EAP-PWD side-channel attack)
CVE-2019-9496: SAE confirm missing state validation
CVE-2019-9497: EAP-PWD reflection attack (EAP-PWD missing commit validation)
CVE-2019-9498: EAP-PWD server missing commit validation for scalar/element
CVE-2019-9499: EAP-PWD peer missing commit validation for scalar/element
Impact: Side-channel attack, Denial of service
Affected Products: FortiOS and FortiAP-S/W2 are only impacted by:
CVE-2019-9494
CVE-2019-9495
CVE-2019-9496
Meru AP and Meru Controller are only impacted by:
CVE-2019-9496
Solutions:
FortiOS:
CVE-2019-9494 upgrade to FortiOS 6.2.2
CVE-2019-9495 upgrade to FortiOS 6.2.2
CVE-2019-9496 upgrade to FortiOS 6.2.3
FortiAP-S/W2:
CVE-2019-9494 upgrade to FortiAP-S/W2 6.2.1
CVE-2019-9495 upgrade to FortiAP-S/W2 6.2.1
CVE-2019-9496 upgrade to FortiAP-S/W2 6.2.2
Meru AP:
CVE-2019-9496 upgrade to Meru AP 8.5.1
Meru Controller:
CVE-2019-9496 upgrade to Meru Controller 8.5.1
The Trinidad and Tobago Cyber Security Incident Response Team (TTCSIRT) encourages users and administrators to review and apply the necessary updates for the following:
FortiOS:
CVE-2019-9494 ,CVE-2019-9495 and CVE-2019-9496
FortiAP-S/W2:
CVE-2019-9494 upgrade to FortiAP-S/W2 6.2.1
CVE-2019-9495 upgrade to FortiAP-S/W2 6.2.1
CVE-2019-9496 upgrade to FortiAP-S/W2 6.2.2
Meru AP:
CVE-2019-9496 upgrade to Meru AP 8.5.1
Meru Controller:
CVE-2019-9496 upgrade to Meru Controller 8.5.1
For further review please see the following link:
References