Aruba Product Security Advisory
===============================
Advisory ID: ARUBA-PSA-2017-007
CVE: CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080,
     CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086,
     CVE-2017-13087, CVE-2017-13088
Publication Date: 2017-Oct-16
Status: Confirmed
Revision: 2

Title
=====
WPA2 Key Reinstallation Vulnerabilities

Overview
========
Common industry-wide flaws in WPA2 key management may allow an attacker
to decrypt, replay, and forge some frames on a WPA2 encrypted network.
The accompanying FAQ document provides more extensive details.

Affected Products
=================
  -- ArubaOS (all versions prior to 6.3.1.25)
  -- ArubaOS 6.4 prior to 6.4.4.16
  -- ArubaOS 6.5.x prior to 6.5.1.9
  -- ArubaOS 6.5.2.x
  -- ArubaOS 6.5.3 prior to 6.5.3.3
  -- ArubaOS 6.5.4 prior to 6.5.4.2
  -- ArubaOS 8.x prior to 8.1.0.4
  -- Aruba Instant (all versions prior to 6.4.2.6-4.1.3.5)
  -- Aruba Instant 4.2 prior to 6.4.4.8-4.2.4.9
  -- Aruba Instant 4.3 prior to 6.5.1.5-4.3.1.6
  -- Aruba Instant 6.5.x prior to 6.5.3.3
  -- Aruba Instant 6.5.4 prior to 6.5.4.2
  -- Clarity Engine 1.0
  -- HP 501 Wireless Client Bridge prior to 1.0.1.3
  -- Aruba 501 Wireless Client Bridge prior to 2.0.0.1
  -- Aruba AirMesh MSR series prior to version 4.7.0.4

FIPS and non-FIPS versions of software are both affected equally.

Details
=======
See the accompanying FAQ document published by Aruba for more detailed
information.

Reinstallation of the pairwise key in the 4-way handshake (CVE-2017-13077)
Reinstallation of the group key in the 4-way handshake (CVE-2017-13078)
Reinstallation of the integrity group key in the 4-way handshake (CVE-2017-13079)
Reinstallation of the group key in the group key handshake (CVE-2017-13080)
Reinstallation of the integrity group key in the group key handshake (CVE-2017-13081)
-------------------------------------------------------------------------------------
ArubaOS and InstantOS are not affected by the above vulnerabilities
while acting as an authenticator (i.e. operating in standard AP mode).

ArubaOS APs are affected by the above vulnerabilities while acting as a
Wi-Fi supplicant in the following modes:
  - Mesh

InstantOS is affected by the above vulnerabilities while acting as a
Wi-Fi supplicant in the following modes:
  - Mesh
  - Wi-Fi Uplink

Clarity Engine is a beta feature being tested by a limited number of
customers. The product is affected by the above vulnerabilities.

The Aruba 501 Client Bridge is affected by the above vulnerabilities.

The Aruba AirMesh MSR series are affected by the above vulnerabilities.

Severity: Medium
CVSSv3 Overall Score: 6.7
CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Accepting a retransmitted FT Reassociation Request (CVE-2017-13082)
-------------------------------------------------------------------
ArubaOS and InstantOS are affected by this vulnerability in both
authenticator and supplicant modes.

The Aruba 501 Client Bridge does not support 802.11r and is not
affected by this vulnerability.

The Aruba AirMesh MSR series are not affected by these vulnerabilities.

Severity: Medium
CVSSv3 Overall Score: 6.7
CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Reinstallation of the STK key in the PeerKey handshake (CVE-2017-13084)
Reinstallation of the Tunneled Direct-Link Setup PeerKey (CVE-2017-13086)
Reinstallation of the Group Key when processing a WNM Sleep Mode Response (CVE-2017-13087)
Reinstallation of the Integrity Group Key when processing a WNM Sleep Mode Response (CVE-2017-13088)
----------------------------------------------------------------------------------------------------
Aruba products are not affected by these vulnerabilities.

Resolution
==========
All listed vulnerabilities have been fixed in the following ArubaOS
patch releases, which are available for download immediately from
support.arubanetworks.com:
  -- 6.3.1.25
  -- 6.4.4.16
  -- 6.5.1.9
  -- 6.5.3.3
  -- 6.5.4.2
  -- 8.1.0.4

All listed vulnerabilities have been fixed in the following InstantOS
patch releases, which are available for download immediately:
  -- 6.4.2.6-4.1.3.5
  -- 6.4.4.8-4.2.4.9
  -- 6.5.1.5-4.3.1.6
  -- 6.5.3.3
  -- 6.5.4.2

These vulnerabilities have been fixed in Clarity Engine 1.0.0.1.

These vulnerabilities have been fixed in the following Aruba 501 Client
Bridge software versions:
  -- V1.0.1.3-HP501-B0012
  -- V2.0.0.1-Aruba501-B0013

Aruba 501 Client Bridge software is available through the HPE My
Networking Portal site.

These vulnerabilities have been fixed in AirMesh MeshOS 4.7.0.4.

Workarounds
===========
All vulnerabilities described in this advisory may be mitigated by
disabling certain features:

  - For ArubaOS, ensure that 802.11r is disabled by verifying that any
    configured SSID profile does not contain a "dot11r-profile". From
    the command line, "show wlan dot11r-profile" will list any 802.11r
    profiles that have been configured. If the reference count is 0,
    802.11r is not enabled.
  - For InstantOS, ensure that 802.11r is not enabled in any configured
    WLAN.
  - Disabling 802.11r on the AP infrastructure will effectively mitigate
    client-side 802.11r vulnerabilities. It will not, however, mitigate
    client-side 4-way handshake vulnerabilities.
  - Clarity Engine is a beta feature enabled only in special builds of
    software. Customers who are participating in this beta should not
    use Clarity Engine until a software update has been completed.
  - Mesh mode for both ArubaOS and InstantOS is vulnerable. Until this
    vulnerability is patched, mesh networks should be disabled.
  - Wi-Fi uplink mode for InstantOS is vulnerable. Until this
    vulnerability is patched, the Wi-Fi uplink feature should not be
    used.

Discovery
=========
These vulnerabilities were discovered by Dr. Mathy Vanhoef. Aruba
expresses its appreciation and gratitude to Dr. Vanhoef for responsibly
disclosing these vulnerabilities to the vendor and open-source
communities.

Exploitation and Public Discussion
==================================
These vulnerabilities are being widely discussed in public. Proof of
concept code has been developed, but has not been widely shared. A
research paper is available describing the vulnerabilities and attack
technique.

Revision History
================
Revision 1 / 2017-Oct-16 / Initial release
Revision 2 / 2017-Oct-20 / Added MeshOS and IAP 4.1 patch information

Obtaining Fixed Firmware
========================
Aruba customers can obtain new firmware on the support website:
http://support.arubanetworks.com

Aruba Support contacts are as follows:

  1-800-633-3600 (toll free from within North America)

The full contact list is at:
http://www.arubanetworks.com/support-services/support-program/contact-support/

Please do not contact the SIRT team for software upgrades.
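
Added example (not part of Aruba's advisory): a Python check that compares
ArubaOS version strings from a device inventory against the affected ranges
and fixed releases listed in this advisory. The hostnames, the inventory
format and the handling of build suffixes such as "-FIPS" are assumptions;
Aruba Instant's compound version numbers are not covered.

```python
import re

# Transcribed from the advisory's ArubaOS lists: (train prefix, first fixed
# release in that train). None means no fixed release is listed for the train.
TRAINS = [
    ((6, 5, 4), (6, 5, 4, 2)),
    ((6, 5, 3), (6, 5, 3, 3)),
    ((6, 5, 2), None),           # "ArubaOS 6.5.2.x": every build affected
    ((6, 5), (6, 5, 1, 9)),      # remaining 6.5.x (6.5.0.x, 6.5.1.x)
    ((6, 4), (6, 4, 4, 16)),
    ((8,), (8, 1, 0, 4)),
]
OLDEST_FIXED = (6, 3, 1, 25)     # "all versions prior to 6.3.1.25"

def parse_version(text):
    """'6.4.4.15-FIPS' -> (6, 4, 4, 15). Suffix handling is an assumption."""
    m = re.match(r"\d+(?:\.\d+){1,3}", text.strip())
    if not m:
        raise ValueError(f"not an ArubaOS version: {text!r}")
    parts = tuple(int(p) for p in m.group().split("."))
    return parts + (0,) * (4 - len(parts))

def assess(version_text):
    """Return (affected, advice) for one ArubaOS version string."""
    v = parse_version(version_text)
    for prefix, fixed in TRAINS:
        if v[:len(prefix)] == prefix:
            if fixed is None:
                return True, "no fixed release listed for this train"
            if v < fixed:
                return True, "upgrade to " + ".".join(map(str, fixed))
            return False, "at or above the fixed release"
    if v < OLDEST_FIXED:
        return True, "upgrade to 6.3.1.25 or a fixed release in a later train"
    return False, "not listed as affected"

def audit(inventory):
    """Map hostname -> advice for every affected device in the inventory."""
    return {host: advice for host, ver in inventory
            for affected, advice in [assess(ver)] if affected}

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = [("ctrl-hq", "6.4.4.15"), ("ctrl-lab", "6.5.2.1"),
          ("ctrl-dc", "8.1.0.4"), ("ctrl-fips", "6.5.1.9-FIPS")]

if __name__ == "__main__":
    for host, advice in audit(SAMPLE).items():
        print(f"{host}: {advice}")
```

A device on a fixed release can still need the workarounds above reviewed
for its clients, since client-side 4-way handshake issues are not addressed
by infrastructure upgrades.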

Aruba SIRT Security Procedures
==============================
Complete information on reporting security vulnerabilities in Aruba
Networks products and obtaining assistance with security incidents is
available at:
http://www.arubanetworks.com/support-services/security-bulletins/

For reporting *NEW* Aruba Networks security issues, email can be sent to
aruba-sirt(at)hpe.com. For sensitive information we encourage the use of
PGP encryption.

(c) Copyright 2017 by Aruba, a Hewlett Packard Enterprise company.
This advisory may be redistributed freely after the release date given
at the top of the text, provided that redistributed copies are complete
and unmodified, including all date and version information.