Home Network Community >
Wi-Fi Routers >
[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
Posts: 334
Helpful: 15
Solutions: 0
Stories: 0
Registered: 2012-03-28
2017-10-17 11:29:42
Posts: 334
Helpful: 15
Solutions: 0
Stories: 0
Registered: 2012-03-28
[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-10-17 11:29:42
Tags:
Dear All,
On October 16th, 2017, an security researcher has disclosed some severe flaws in the WPA2 security protocol.
Description of the vulnerability
The vulnerability that known as "KRACK", short for Key Reinstallation Attack, will target the four-way handshake of the WPA2 protocol. Mathy Vanhoef, who published the flaw, said that the flaw may allow an attacker within the Wi-Fi range to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.
The publisher also points out that, the main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates.
For more details, please refer to the below article published by Vanhoef:
https://www.krackattacks.com/
The following Common Vulnerabilities and Exposures (CVE) identifiers were assigned to track which products are affected by specific instantiations of the key reinstallation attack:CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
TP-Link is aware of the vulnerabilities (KRACKs) in the WPA-2 protocol. We have published a security advisory on the official website and are working to solve the problems now.
Security Advisory: http://www.tp-link.com/en/faq-1970.html
[FONT=&]Software updates for the affected devices will be post at http://www.tp-link.com/support.html over the next few weeks.[/FONT]
Your network security is highly regarded by TP-Link.
Clarification for the WPA2 Vulnerabilities:
1. Please have a look at the article published by Mathy Vanhoef and pay attention to the QA listed at the end:
Q: What if there are no security updates for my router?
A: Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.
From the QA, we can get clear that the vulnerabilities only targets the devices act as Wi-Fi clients, including laptops, smartphones, range extenders working in RE mode, routers/gateways working in RE/WDS/WISP mode.
Thus if you're using the following TP-Link products:
(Unaffected Devices)
# All powerline adapters
# All mobile Wi-Fi products
# Routers and gateways working on default Router mode or Access Point mode
# Range extenders working in AP mode
You will not be affected by the WPA2 vulnerabilities. What you need to do is updating your Wi-Fi clients.
2. Conditions under which devices are vulnerable:
# Physical proximity: An attack can only happen when an attacker is in physical proximity to and within wireless range of your network.
# Time window: An attack can only happen when a client is connecting or reconnecting to a Wi-Fi network.
Devices affected by the vulnerability
Routers working in Repeater Mode/WISP Mode/Client Mode:
TL-WR940N with firmware version 3.17.1 Build 170717 Rel.55495n or earlier (Hardware Version 3.0 or earlier not affected)
[FONT=verdana]TL-WR841Nv13 with firmware version 0.9.1 4.16 v0348.0 Build 170814 Rel.59214n or earlier (Hardware Version 12.0 or earlier not affected)
TL-WR840N with firmware version 0.9.1 4.16 v019a.0 Build 170524 Rel.56478n or earlier (Hardware Version 2.0 or earlier not affected)
TL-WR941HP with firmware version 3.16.9 Build 20170116 Rel.50912n or earlier
TL-WR841HP with firmware version 3.16.9 Build 160612 Rel.67073n or earlier
TL-WR902AC with firmware version 3.16.9 Build 20160905 Rel.61455n or earlier
TL-WR802N with firmware version 0.9.1 3.16 v0188.0 Build 170705 Rel.34179n or earlier
TL-WR810N with firmware version 3.16.9 Build 160801 Rel.57365n or earlier
Routers with WDS function enabled (disabled by default) may be affected. Refer to the [COLOR=#0000ff]FAQ to learn how to check if WDS is enabled on your router.
Range Extenders working in Repeater Mode during a WPA2 handshake that is initiated only when connecting or reconnecting to a router:
TL-WA850RE with firmware version 1.0.0 Build 20170609 Rel.34153 or earlier
TL-WA855RE with firmware version 1.0.0 Build 20170609 Rel.36187 or earlier
TL-WA860RE with firmware version 1.0.0 Build 20170609 Rel.38491 or earlier
RE200 with firmware version 1.1.3 Build 20170818 Rel.58183 or earlier
RE210 with firmware version 3.14.2 Build 160623 Rel.43391n or earlier
RE305 with firmware version 1.0.0 Build 20170614 Rel.42952 or earlier
RE450 with firmware version 1.0.2 Build 20170626 Rel.60833 or earlier
RE500 with firmware version 1.0.1 Build20170210 Rel.59671 or earlier
RE650 with firmware version 1.0.2 Build 20170524 Rel.58598 or earlier
Wireless Adapters:
Archer T6E
Archer T9E
Whole Home Wi-Fi System:
Deco M5 with firmware version 1.1.5 Build 20170820 Rel.62483 or earlier
CPE/WBS/CAP:
CAP300 with firmware version 1.1.0 Build 20170601 Rel.60253 or earlier
CAP300-Outdoor with firmware version 1.1.0 Build 20170601 Rel.60212 or earlier
CAP1750 with firmware version 1.1.0 Build 20170601 Rel.60196 or earlier
CAP1200 with firmware version 1.0.0 Build 20170801 Rel.61314 or earlier
TL-ER604W with firmware version 1.2.0 Build 20160825 Rel.45880 or earlier
CPE520 with firmware version 2.1.6 Build 20170908 Rel.45234 or earlier
CPE610 with firmware version 2.1.5 Build 20170830 Rel. 58245 or earlier
CPE510 with firmware version 2.1.6 Build 20170908 Rel. 45233 or earlier
CPE220 with firmware version 2.1.6 Build 20170908 Rel. 45233 or earlier
CPE210 with firmware version 2.1.6 Build 20170908 Rel. 45234 or earlier
WBS210 with firmware version 2.1.0 Build 20170609 Rel. 57434 or earlier
WBS510 with firmware version 2.1.6 Build 20170908 Rel. 45234 or earlier
Smart home devices:
Smart Plugs and Switch: HS100,HS105,HS110,HS200
Smart Repeater with Plugs: RE350K,RE270K,RE370K
Cameras: NC250,NC260,NC450, KC120
[/FONT]
How to protect your devices
Until a software update is available to eliminate the vulnerability for your product, it is recommended to take the following precautions:
For wireless routers: Make sure your routers are in Router Mode or AP Mode, and patch the operating system of your smartphones, tablets and computers.
For wireless adapters: Patch the operating system of your computers.
Microsoft security update: Microsoft has fixed such security issues as mentioned in https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080
TP-Link has been working on affected models and will release firmware over the next few weeks on our official website.
Reversion History
2017-10-17: Initial release
2017-10-18: Updated some clarifications for the WPA2 vulnerabilities
2017-10-18: Updated the list of affected devices
On October 16th, 2017, an security researcher has disclosed some severe flaws in the WPA2 security protocol.
Description of the vulnerability
The vulnerability that known as "KRACK", short for Key Reinstallation Attack, will target the four-way handshake of the WPA2 protocol. Mathy Vanhoef, who published the flaw, said that the flaw may allow an attacker within the Wi-Fi range to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream.
The publisher also points out that, the main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates.
For more details, please refer to the below article published by Vanhoef:
https://www.krackattacks.com/
The following Common Vulnerabilities and Exposures (CVE) identifiers were assigned to track which products are affected by specific instantiations of the key reinstallation attack:CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
TP-Link is aware of the vulnerabilities (KRACKs) in the WPA-2 protocol. We have published a security advisory on the official website and are working to solve the problems now.
Security Advisory: http://www.tp-link.com/en/faq-1970.html
[FONT=&]Software updates for the affected devices will be post at http://www.tp-link.com/support.html over the next few weeks.[/FONT]
Your network security is highly regarded by TP-Link.
Clarification for the WPA2 Vulnerabilities:
1. Please have a look at the article published by Mathy Vanhoef and pay attention to the QA listed at the end:
Q: What if there are no security updates for my router?
A: Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients. So it might be that your router does not require security updates. We strongly advise you to contact your vendor for more details. In general though, you can try to mitigate attacks against routers and access points by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). For ordinary home users, your priority should be updating clients such as laptops and smartphones.
From the QA, we can get clear that the vulnerabilities only targets the devices act as Wi-Fi clients, including laptops, smartphones, range extenders working in RE mode, routers/gateways working in RE/WDS/WISP mode.
Thus if you're using the following TP-Link products:
(Unaffected Devices)
# All powerline adapters
# All mobile Wi-Fi products
# Routers and gateways working on default Router mode or Access Point mode
# Range extenders working in AP mode
You will not be affected by the WPA2 vulnerabilities. What you need to do is updating your Wi-Fi clients.
2. Conditions under which devices are vulnerable:
# Physical proximity: An attack can only happen when an attacker is in physical proximity to and within wireless range of your network.
# Time window: An attack can only happen when a client is connecting or reconnecting to a Wi-Fi network.
Devices affected by the vulnerability
Routers working in Repeater Mode/WISP Mode/Client Mode:
TL-WR940N with firmware version 3.17.1 Build 170717 Rel.55495n or earlier (Hardware Version 3.0 or earlier not affected)
[FONT=verdana]TL-WR841Nv13 with firmware version 0.9.1 4.16 v0348.0 Build 170814 Rel.59214n or earlier (Hardware Version 12.0 or earlier not affected)
TL-WR840N with firmware version 0.9.1 4.16 v019a.0 Build 170524 Rel.56478n or earlier (Hardware Version 2.0 or earlier not affected)
TL-WR941HP with firmware version 3.16.9 Build 20170116 Rel.50912n or earlier
TL-WR841HP with firmware version 3.16.9 Build 160612 Rel.67073n or earlier
TL-WR902AC with firmware version 3.16.9 Build 20160905 Rel.61455n or earlier
TL-WR802N with firmware version 0.9.1 3.16 v0188.0 Build 170705 Rel.34179n or earlier
TL-WR810N with firmware version 3.16.9 Build 160801 Rel.57365n or earlier
Routers with WDS function enabled (disabled by default) may be affected. Refer to the [COLOR=#0000ff]FAQ to learn how to check if WDS is enabled on your router.
Range Extenders working in Repeater Mode during a WPA2 handshake that is initiated only when connecting or reconnecting to a router:
TL-WA850RE with firmware version 1.0.0 Build 20170609 Rel.34153 or earlier
TL-WA855RE with firmware version 1.0.0 Build 20170609 Rel.36187 or earlier
TL-WA860RE with firmware version 1.0.0 Build 20170609 Rel.38491 or earlier
RE200 with firmware version 1.1.3 Build 20170818 Rel.58183 or earlier
RE210 with firmware version 3.14.2 Build 160623 Rel.43391n or earlier
RE305 with firmware version 1.0.0 Build 20170614 Rel.42952 or earlier
RE450 with firmware version 1.0.2 Build 20170626 Rel.60833 or earlier
RE500 with firmware version 1.0.1 Build20170210 Rel.59671 or earlier
RE650 with firmware version 1.0.2 Build 20170524 Rel.58598 or earlier
Wireless Adapters:
Archer T6E
Archer T9E
Whole Home Wi-Fi System:
Deco M5 with firmware version 1.1.5 Build 20170820 Rel.62483 or earlier
CPE/WBS/CAP:
CAP300 with firmware version 1.1.0 Build 20170601 Rel.60253 or earlier
CAP300-Outdoor with firmware version 1.1.0 Build 20170601 Rel.60212 or earlier
CAP1750 with firmware version 1.1.0 Build 20170601 Rel.60196 or earlier
CAP1200 with firmware version 1.0.0 Build 20170801 Rel.61314 or earlier
TL-ER604W with firmware version 1.2.0 Build 20160825 Rel.45880 or earlier
CPE520 with firmware version 2.1.6 Build 20170908 Rel.45234 or earlier
CPE610 with firmware version 2.1.5 Build 20170830 Rel. 58245 or earlier
CPE510 with firmware version 2.1.6 Build 20170908 Rel. 45233 or earlier
CPE220 with firmware version 2.1.6 Build 20170908 Rel. 45233 or earlier
CPE210 with firmware version 2.1.6 Build 20170908 Rel. 45234 or earlier
WBS210 with firmware version 2.1.0 Build 20170609 Rel. 57434 or earlier
WBS510 with firmware version 2.1.6 Build 20170908 Rel. 45234 or earlier
Smart home devices:
Smart Plugs and Switch: HS100,HS105,HS110,HS200
Smart Repeater with Plugs: RE350K,RE270K,RE370K
Cameras: NC250,NC260,NC450, KC120
[/FONT]
How to protect your devices
Until a software update is available to eliminate the vulnerability for your product, it is recommended to take the following precautions:
For wireless routers: Make sure your routers are in Router Mode or AP Mode, and patch the operating system of your smartphones, tablets and computers.
For wireless adapters: Patch the operating system of your computers.
Microsoft security update: Microsoft has fixed such security issues as mentioned in https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080
TP-Link has been working on affected models and will release firmware over the next few weeks on our official website.
Reversion History
2017-10-17: Initial release
2017-10-18: Updated some clarifications for the WPA2 vulnerabilities
2017-10-18: Updated the list of affected devices
#1
Options
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Thread Manage
149 Reply
Posts: 3
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-10-18
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-11-19 23:17:18
1 month after post thread creation... Can we get patched firmwares?
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#124
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Posts: 1
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-11-30
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-11-30 03:16:46
Dear Mod TPLink,
Can you please provide updated information on this matter? I've just searched the web and the firmware updates still don't cover this new flaw!
If I missed something and your devices are now safe from krack, I apologise.
Many thanks
Can you please provide updated information on this matter? I've just searched the web and the firmware updates still don't cover this new flaw!
If I missed something and your devices are now safe from krack, I apologise.
Many thanks
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#125
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Posts: 1
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-12-09
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-12-09 00:57:47
I see that a KRACK firmware fix has been issued for WA860RE V4. Unfortunately my WA860RE's are Ver:1.1. Can I expect a fix for that version?
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#126
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Posts: 6
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-11-08
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-12-15 01:45:39
Getting a bit tiresome to refresh
http://www.tp-link.com/download/RE210.html#Firmware :(
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#127
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Posts: 5
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-11-11
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-12-16 00:07:51
tjeyy wrote
Getting a bit tiresome to refresh http://www.tp-link.com/download/RE210.html#Firmware :(
Same here with http://uk.tp-link.com/download/RE200.html#Firmware
It's worrying that TP-Link posted a number of firmware updates mid November (for the newer devices only?!) then nothing more for weeks, as if the rest of the devices have been left behind for good :(
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#128
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Posts: 41
Helpful: 7
Solutions: 0
Stories: 0
Registered: 2016-04-09
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-12-17 01:03:46
Just like with your new android phone, you can expect one or two firmware upgrades before the manufacturer relegates the device to the historical archives. The consumer router market is even worse. Manufacturers do not wish to support these product offerings for very long, they want everyone to upgrade to the latest and greatest. They prod their customers in this direction by offering a few bug fixes initially and then nothing more.
At least with android there is a robust and dedicated community offering off brand firmware to keep things modern for as long as the hardware will support the new features. With a phone costing $800+ maybe that plays a part. A router that costs $200 or less after a year is considered a throw away device to everyone but the owner of the device who expected active support for much longer.
At least with android there is a robust and dedicated community offering off brand firmware to keep things modern for as long as the hardware will support the new features. With a phone costing $800+ maybe that plays a part. A router that costs $200 or less after a year is considered a throw away device to everyone but the owner of the device who expected active support for much longer.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#129
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Posts: 6
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-10-17
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-12-18 00:41:22
I'd argue that it's in TP-Link's best interest to keep their products patched against vulnerabilities like KRACK. If enough users of its products are attacked successfully and users can trace those attacks back to TP-Link products, TP-Link might find itself in a world of hurt.
There's an old saying in my neck of the woods: An ounce of prevention is worth a pound of cure.
There's an old saying in my neck of the woods: An ounce of prevention is worth a pound of cure.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#130
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Posts: 15
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-08-17
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-12-18 03:08:45
dph3055 wrote
Just like with your new android phone, you can expect one or two firmware upgrades before the manufacturer relegates the device to the historical archives. The consumer router market is even worse. Manufacturers do not wish to support these product offerings for very long, they want everyone to upgrade to the latest and greatest. They prod their customers in this direction by offering a few bug fixes initially and then nothing more.
At least with android there is a robust and dedicated community offering off brand firmware to keep things modern for as long as the hardware will support the new features. With a phone costing $800+ maybe that plays a part. A router that costs $200 or less after a year is considered a throw away device to everyone but the owner of the device who expected active support for much longer.
This is why I have now moved to using, and recommending Ubiquiti products, and actively recommending against using anything by TP-Link. For the price of a TP-Link router you can buy a Ubiquiti EdgeRouter X and an AC-Lite access point which is far more secure and capable than the hokey gear TP-Link push.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#131
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Posts: 1
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-12-20
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-12-20 02:26:11
Why WA801ND isnt in the list?
i use WA801NDv5 in client mode.
Will you make patch for WA801NDv5 or do i have to throw it?
also i have a cpe210 in repeater mode what about that?
thnks
i use WA801NDv5 in client mode.
Will you make patch for WA801NDv5 or do i have to throw it?
also i have a cpe210 in repeater mode what about that?
thnks
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#132
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Posts: 41
Helpful: 7
Solutions: 0
Stories: 0
Registered: 2016-04-09
Re:[Security Flaws] Severe flaws called "KRACK" are discovered in the WPA2 protocol
2017-12-20 09:55:43
bld522 wrote
I'd argue that it's in TP-Link's best interest to keep their products patched against vulnerabilities like KRACK. If enough users of its products are attacked successfully and users can trace those attacks back to TP-Link products, TP-Link might find itself in a world of hurt.
There's an old saying in my neck of the woods: An ounce of prevention is worth a pound of cure.
You would think so. However, the reality is consumer router manufacturers (not only TP-Link) by in large do not update their products for very long. When almost the entire industry follows the same modus operandi consumers don't have much choice. For years now, routers are released to the public and are quickly relegated to the legacy support directory in round-robin fashion as the next crop of routers are released.
It just isn't cost effective to rewrite firmware changes to address Krack for all of their equipment in use. More profit in getting those concerned to buy a new router. For the time being, Krack isn't a big threat and until it is, neither manufacturers or consumers will be paying much attention.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#133
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Posts: 334
Helpful: 15
Solutions: 0
Stories: 0
Registered: 2012-03-28
2017-10-17 11:29:42
Posts: 334
Helpful: 15
Solutions: 0
Stories: 0
Registered: 2012-03-28
Information
Helpful: 0
Views: 24591
Replies: 154
Voters 0
No one has voted for it yet.
Tags
Report Inappropriate Content
Transfer Module
New message