PSIRT Advisory

Dragonblood vulnerabilities in WiFi WPA3 standard implementation

Summary

Multiple vulnerabilities, referred to as Dragonblood, exist in implementations of the WiFi WPA3 standard.


Dragonblood vulnerabilities impacting WiFi WPA3 standard implementations can cause password leak, denial of service or authorization bypass. They consist of:


CVE-2019-9494: SAE cache attack against ECC groups (SAE side-channel attacks)

CVE-2019-9495: EAP-PWD cache attack against ECC groups (EAP-PWD side-channel attack)

CVE-2019-9496: SAE confirm missing state validation

CVE-2019-9497: EAP-PWD reflection attack (EAP-PWD missing commit validation)

CVE-2019-9498: EAP-PWD server missing commit validation for scalar/element

CVE-2019-9499: EAP-PWD peer missing commit validation for scalar/element

Impact

Side-channel attack, Denial of service

Affected Products

FortiOS and FortiAP-S/W2 are only impacted by:

CVE-2019-9494

CVE-2019-9495

CVE-2019-9496


Meru AP and Meru Controller are only impacted by:

CVE-2019-9496

Solutions

FortiOS:

CVE-2019-9494 upgrade to FortiOS 6.2.2

CVE-2019-9495 upgrade to FortiOS 6.2.2

CVE-2019-9496 upgrade to FortiOS 6.2.3


FortiAP-S/W2:

CVE-2019-9494 upgrade to FortiAP-S/W2 6.2.1

CVE-2019-9495 upgrade to FortiAP-S/W2 6.2.1

CVE-2019-9496 upgrade to FortiAP-S/W2 6.2.2


Meru AP:

CVE-2019-9496 upgrade to Meru AP 8.5.1


Meru Controller:

CVE-2019-9496 upgrade to Meru Controller 8.5.1