Lenovo: LENOVO:PS500143-WPA2-PROTOCOL-VULNERABILITIES-NOSID
History: Dec 18, 2018 - 3:12 p.m.

WPA2 Protocol Vulnerabilities - Lenovo Support US

2018-12-18 15:12:07
support.lenovo.com
CVSS3: 7.4 High
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS2: 5.8 Medium
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

EPSS: 0.002 Low
Percentile: 57.7%

Lenovo Security Advisory: LEN-17420

**Potential Impact:** An attacker could exploit the vulnerability to affect clients through arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames.

Severity: High

**Scope of Impact:** Industry-wide

**CVE Identifier:** CVE-2017-5729, CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

Summary Description:

Intel CVE-2017-5729 has already been mitigated in the recommended drivers.

The Wi-Fi standard uses the Wi-Fi Protected Access II (WPA2) security protocol and security certification program to secure multi-vendor wireless computer networks. A collection of vulnerabilities has been discovered in the WPA2 standard, which in turn makes every standard-compliant implementation vulnerable:

<https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-security-update>

Attackers within wireless range of the access point (AP) and client can, with some difficulty, attain a man-in-the-middle position. Depending on the data confidentiality protocols in use (e.g. TKIP, CCMP or GCMP) and other situational factors, this could lead to a wide range of disruptions and security flaws such as arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast, broadcast, and multicast frames.

As this is an industry-wide issue, the Wi-Fi Alliance and cybersecurity organizations are the best source for information about the threat, exploits, and mitigations:

<https://www.wi-fi.org/security-update-october-2017>

<http://www.icasi.org/wi-fi-protected-access-wpa-vulnerabilities/>

<https://www.kb.cert.org/vuls/id/228519>

Mitigation Strategy for Customers (what you should do to protect yourself):

Once the full details of the exploit have been made public and until Operating System (OS) and device patches are universally applied, users should assume all Wi-Fi access points are essentially public and have the same security levels as ordinary coffee shop or airport Wi-Fi. Users should protect themselves with the usual techniques such as using a VPN, HTTPS, SSH, and other common means of verifying endpoints and encrypting communications over public networks.

In common circumstances, a WPA2 connection is not protected until both sides, typically a client system and an access point, have been patched. Therefore, it is best to assume a connection is insecure if you do not know the status of the other end, and protect yourself as described above.

All Wi-Fi stacks will have to be updated to follow the new recommended WPA2 key handshake behavior. Lenovo product impact assessment is ongoing; please check this advisory frequently for updates.
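Added example, not part of the Lenovo advisory or any vendor's code: a toy Python model of the key-installation behavior behind the key-reinstallation CVEs listed above, comparing a client that reinstalls an in-use key when handshake message 3 is delivered a second time with one that ignores the repeat. The `Supplicant` class, its counters, the sample key and `run_session` are hypothetical names constructed for illustration.

```python
# Toy model, constructed for illustration; not 802.11 code or a vendor implementation.
from dataclasses import dataclass, field


@dataclass
class Supplicant:
    """Client side of the 4-way handshake, reduced to key-installation state."""
    hardened: bool
    installed_key: bytes = b""      # empty means no key installed yet
    tx_nonce: int = 0               # per-frame packet number used as the cipher nonce
    rx_replay: int = 0              # highest inbound packet number accepted so far
    nonces_used: list = field(default_factory=list)

    def on_message3(self, ptk: bytes) -> bool:
        """Handle handshake message 3; return True if the key was (re)installed."""
        if self.hardened and ptk == self.installed_key:
            return False            # repeat of message 3: keep key and counters
        self.installed_key = ptk
        self.tx_nonce = 0           # installing a key resets both counters
        self.rx_replay = 0
        return True

    def send_frame(self) -> tuple:
        """Encrypting a frame consumes the next (key, nonce) pair."""
        self.tx_nonce += 1
        pair = (self.installed_key, self.tx_nonce)
        self.nonces_used.append(pair)
        return pair

    def receive_frame(self, packet_number: int) -> bool:
        """Replay check: accept only packet numbers above the last one seen."""
        if packet_number <= self.rx_replay:
            return False
        self.rx_replay = packet_number
        return True


def run_session(hardened: bool) -> dict:
    """Message 3 arrives, traffic flows, then message 3 is delivered again."""
    ptk = b"constructed-session-key"    # constructed sample value
    sta = Supplicant(hardened)
    sta.on_message3(ptk)
    for _ in range(2):
        sta.send_frame()
    sta.receive_frame(1)
    reinstalled = sta.on_message3(ptk)  # second delivery of message 3
    sta.send_frame()
    replay_accepted = sta.receive_frame(1)  # same inbound frame delivered again
    reused = len(sta.nonces_used) - len(set(sta.nonces_used))
    return {"reinstalled": reinstalled, "nonce_reuse": reused,
            "replay_accepted": replay_accepted}
```

In the unpatched model the counter reset produces a repeated (key, nonce) pair and lets an already-seen frame pass the replay check; the hardened model keeps both counters and shows neither effect.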

Most Windows systems with Wi-Fi capability will be covered by this update from Microsoft:

<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080>

In some cases a new Wi-Fi device driver will also be needed. vPro-enabled systems using the AMT management function will need a firmware update.

Linux systems typically receive patches from the distribution’s repository (e.g. Red Hat, SUSE, Ubuntu/Canonical). The distribution suppliers have either released a patch or are in the process of releasing one. Users should apply the update from their supplier as soon as it is available.

Routers, smart speakers, and other devices with embedded firmware will see firmware updates released individually. Check the support page for individual devices and apply updates as soon as they are available.

Product Impact:
