Vulnerability of handshake traffic on Wi-Fi Protected Access II (WPA2)
Allied Telesis K.K.
Release 2017年10月19日
Updated 2018年05月08日
Wireless products have possibility of WPA2 vulnerability. 1) Summary Wi-Fi Protected Access II (WPA2) contains multiple vulnerabilities. Mainly they affect the WPA2 Client, however some vulnerabilities also related to the AP side. 2) Target Products Wireless products (Including Partner Products) 2-1) Affected MWS AP Series (since version 2.0.0) - AT-MWS600AP - AT-MWS900AP - AT-MWS1750AP - AT-MWS2533AP 2-2) Not Affected TQ Series (All version) - AT-TQ2403 - AT-TQ2403EX - AT-TQ2450 - AT-TQ3200 - AT-TQ3400 - AT-TQ3600 - AT-TQ4400 - AT-TQ4400e - AT-TQ4600 UWC Series - AT-UWC - AT-UWC-APL Extricom Products 3) Impact Wireless products connected by using WPA2 possiblity of being attacked. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, and so on. These attacks will cause information leakage. 4) Workarounds You can avoid this vulnerability with the following workarounds. MWS AP Series 4-1) Disabling Fast Roaming 4-2) Firmware upgrade On AT-MWS600AP, AT-MWS1750AP and AT-MWS2533AP, this issue has fixed in version after 2.2.3. On AT-MWS900AP it has fixed in version after 2.0.2.