cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

ADTSA-2021002: FragAttacks

ADTSA-2021002: FragAttacks

Description


FragAttacks is a collection of vulnerabilities in the WiFi standard as well as implementation vulnerabilities. These vulnerabilities allow for unauthenticated injection of traffic into and data extraction from encrypted WiFi networks.


CVE IDs



Affected Products


Product Family Severity Notes

Bluesocket Access Points

  • BSAP 1920
  • BSAP 1925
  • BSAP 1930
  • BSAP 1935
  • BSAP 1940
  • BSAP 2020
  • BSAP 2030
  • BSAP 2035
  • BSAP 2135
  • BSAP 3040
  • BSAP 3045
TBD Under investigation.

EPON Residential Gateways

  • 6304W
Medium Only CVE-2020-24586, CVE-2020-24587, & CVE-2020-24588 apply. Resolution under investigation.

Ethernet Service Delivery Gateways & Mesh APs

  • SDG 834-5
  • SDG 831-t5
High  

GPON/Active Ethernet Residential Gateways

  • 414RG
  • 424RG
  • 434RG
Medium Only CVE-2020-24586, CVE-2020-24587, & CVE-2020-24588 apply. Resolution under investigation.

SmartRG DOCSIS Residential Gateways

  • SR804n
  • SR808ac
TBD Under investigation.

SmartRG Ethernet Residential Gateways

  • SR400ac
Medium (SmartOS 10.8)
High (SmartOS 11)
Only CVE-2020-24586, CVE-2020-24587, & CVE-2020-24588 apply in SmartOS 10.8.

SmartRG Ethernet Residential Gateways

  • SR905ac
  • SR905acv
High  

SmartRG Mesh APs

  • SE80ac
High  

SmartRG VDSL2 Residential Gateways

  • SR506n
  • SR516ac
  • SR555ac
Medium Only CVE-2020-24586, CVE-2020-24587, & CVE-2020-24588 apply. Resolution under investigation.

SmartRG VDSL2 Residential Gateways

  • SR616ac
  • SR655ac
Medium Only CVE-2020-24586, CVE-2020-24587, & CVE-2020-24588 apply. Resolution under investigation.

Mitigating Factors & Recommended Actions


Product Family Mitigating Factors Recommended Actions

Bluesocket Access Points

  • BSAP 1920
  • BSAP 1925
  • BSAP 1930
  • BSAP 1935
  • BSAP 1940
  • BSAP 2020
  • BSAP 2030
  • BSAP 2035
  • BSAP 2135
  • BSAP 3040
  • BSAP 3045
   

EPON Residential Gateways

  • 6304W
   

Ethernet Service Delivery Gateways & Mesh APs

  • SDG 834-5
  • SDG 831-t5
   

GPON/Active Ethernet Residential Gateways

  • 414RG
  • 424RG
  • 434RG
   

SmartRG DOCSIS Residential Gateways

  • SR804n
  • SR808ac
   

SmartRG Ethernet Residential Gateways

  • SR400ac
   

SmartRG Ethernet Residential Gateways

  • SR905ac
  • SR905acv
   

SmartRG Mesh APs

  • SE80ac
   

SmartRG VDSL2 Residential Gateways

  • SR506n
  • SR516ac
  • SR555ac
   

SmartRG VDSL2 Residential Gateways

  • SR616ac
  • SR655ac
   

Resolution


Product Family Resolution

Bluesocket Access Points

  • BSAP 1920
  • BSAP 1925
  • BSAP 1930
  • BSAP 1935
  • BSAP 1940
  • BSAP 2020
  • BSAP 2030
  • BSAP 2035
  • BSAP 2135
  • BSAP 3040
  • BSAP 3045
 

EPON Residential Gateways

  • 6304W
 

Ethernet Service Delivery Gateways & Mesh APs

  • SDG 834-5
  • SDG 831-t5
Upgrade to SmartOS 11.1.1.1 once available.

GPON/Active Ethernet Residential Gateways

  • 414RG
  • 424RG
  • 434RG
 

SmartRG DOCSIS Residential Gateways

  • SR804n
  • SR808ac
 

SmartRG Ethernet Residential Gateways

  • SR400ac
Upgrade to SmartOS 10.8.9.1 or 11.1.1.1 once available.

SmartRG Ethernet Residential Gateways

  • SR905ac
  • SR905acv
Update not possible.

SmartRG Mesh APs

  • SE80ac
Upgrade to SmartOS 11.1.1.1 once available. No fix in 10.8.x is planned.

SmartRG VDSL2 Residential Gateways

  • SR506n
  • SR516ac
  • SR555ac
Upgrade to 2.6.2.7 once available.

SmartRG VDSL2 Residential Gateways

  • SR616ac
  • SR655ac
 

Revision History


Revision Date Changes
B 2021-06-03 Updated resolution for the SR506n, SR516ac, and SR555ac.
A 2021-05-26 Initial release.
Version history
Revision #:
20 of 20
Last update:
‎06-03-2021 09:39 AM
Updated by:
 
Contributors