What’s KRACKing at HPE Aruba

Posted October 24, 2017 by Joel Grace 

Everything you need to know about KRACK (Key Reinstallation Attacks)

What is it?

Mathy Vanhoef, a technical security researcher, found a devastating security flaw, now called “KRACK”, in WPA, the relatively “secure” standard for wireless networks. KRACK allows attackers to eavesdrop on your personal data when authenticating to an access point. That’s right, your credit card, personal information, passwords, and photos could all be at risk. For businesses, this could be sensitive financial data, HIPAA, PCI, or HR data. It’s also important to know that KRACK doesn’t affect just some wireless products, but all products that use the WPA protocol for authentication.

How?

When a client attempts to authenticate to a wireless network using WPA/WPA2, a four-way authentication process is initiated. KRACK attacks the third step in the process, in which the encryption key can be sent multiple times. An attacker using KRACK can collect those retransmissions, and the encryption can be broken.

What to do?

Most companies are taking the initiative by releasing patches and updates quickly to protect against the possibility of an attack. If you haven’t done so already, we highly recommend updating all wireless access points to the vendor-recommended version.

Aruba Customer?

Here’s a list of the recommended software versions Aruba customers should install to protect against the KRACK vulnerability: 

ArubaOS

  • 6.3.1.25
  • 6.4.4.16
  • 6.5.1.9
  • 6.5.3.3
  • 6.5.4.2
  • 8.1.0.4

InstantOS

  • 6.4.2.6-4.1.3.5
  • 6.4.4.8-4.2.4.9
  • 6.5.1.5-4.3.1.6
  • 6.5.3.3
  • 6.5.4.2

Clarity Engine: 1.0.0.1.

Aruba 501 Client Bridge

  • V1.0.1.3-HP501-B0012
  • V2.0.0.1-Aruba501-B0013

AirMesh MeshOS: 4.7.0.4.
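
To check a device inventory against the ArubaOS and InstantOS builds listed above, a short script can do the comparison. This is an added example, not code from Aruba or Sayers; the inventory is constructed, and it assumes that the first three version fields identify a release train and that any equal or later build in the same train contains the fix.

```python
# Fixed builds per product, copied from the list in this post.
FIXED = {
    "ArubaOS": ["6.3.1.25", "6.4.4.16", "6.5.1.9", "6.5.3.3", "6.5.4.2", "8.1.0.4"],
    "InstantOS": ["6.4.2.6-4.1.3.5", "6.4.4.8-4.2.4.9", "6.5.1.5-4.3.1.6",
                  "6.5.3.3", "6.5.4.2"],
}

# Constructed inventory: hostnames and running versions are made up.
INVENTORY = [
    ("ctrl-dc1", "ArubaOS", "6.4.4.15"),
    ("ctrl-dc2", "ArubaOS", "8.1.0.4"),
    ("ctrl-lab", "ArubaOS", "6.5.2.1"),
    ("iap-lobby", "InstantOS", "6.4.2.6-4.1.3.4"),
    ("iap-floor2", "InstantOS", "6.5.4.3"),
    ("iap-old", "InstantOS", "6.4.4.x"),
]


def parse(version):
    """Turn '6.4.2.6-4.1.3.5' into a tuple of ints so builds compare in order."""
    return tuple(int(part) for part in version.replace("-", ".").split("."))


def check(product, running):
    """Classify one device against the fixed build for its release train."""
    try:
        current = parse(running)
    except ValueError:
        return "unparseable version"
    for fixed in FIXED.get(product, []):
        target = parse(fixed)
        # Assumption: the first three fields identify the release train.
        if target[:3] == current[:3]:
            return "patched" if current >= target else "upgrade to " + fixed
    # Train is not in the post's list: do not guess, flag it for manual review.
    return "no listed fix for this train"


def audit(inventory):
    return {host: check(product, version) for host, product, version in inventory}


if __name__ == "__main__":
    for host, result in audit(INVENTORY).items():
        print(f"{host:12} {result}")
```

Devices reported as "no listed fix for this train" need to be checked against the Aruba advisory directly rather than assumed safe.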

More detailed information can be found at the HPE Aruba website:

Aruba KRACK FAQ

Aruba Product Security Advisory:

Other Sayers Blogs on KRACK

Sayers is an HP Aruba Platinum partner with on-staff Aruba and security experts. If you have questions about KRACK or remediation steps, feel free to contact Sayers at info@sayers.com and an engineer will call you.
