Skip Links

Network World

Jim Duffy

Cisco issues advisory for wireless gear

Attack tool based on WPS vulnerability prompts notice to disable

By Jim Duffy on Tue, 01/17/12 - 4:27pm.

Cisco has issued a security advisory on some of its wireless and unified communications products in response to attack tools that exploit a weakness in a protocol they use. The weakness was detailed by US-CERT in a Vulnerability Note last month.

The vulnerability is a hole in the Wi-Fi Alliance's Wi-Fi Protected Setup (WPS) protocol when devices are operating in PIN External Registrar mode. Devices in this mode allow a WPS client to supply only the correct WPS PIN to configure their client on a secured network; but a vulnerability in the protocol may allow an unauthenticated, remote attacker to brute force the WPS configuration PIN in a matter of hours.

The vulnerability is due to a flaw that allows an attacker to determine when the first 4-digits of the eight-digit PIN are known.  This reduces the PIN space from 10,000,000 possible values to 11,000 possible values, meaning an attacker could brute force the WPS PIN in as little as a few hours, the Cisco advisory states.

Cisco recommends disabling the WPS feature on its devices to prevent exploitation of this vulnerability. A list of the affected and unaffected Cisco devices is on the advisory, located here.

Exploit code and attack tools that expose the weakness within the WPS protocol have been released and are posted here.

More from Cisco Subnet:

30 events that shaped Cisco in 2011

New Cisco cloud computing framework pushes management, collaboration

Cisco data center forecast very cloudy

Cisco reorgs again, folds net mgmt into new cloud group

Chambers: Cisco's Q1 solid, but access routers, Nexus 7000 lagging

Cisco taps former VMware exec to head security push

Huawei gunning for Cisco in the enterprise

Cisco upgrades WAN optimizers

Gasp! Cisco and HP collaborate on blade switch

Cisco unveils latest Nexus data center switch

Follow all Cisco Subnet bloggers on Twitter.
Follow Jim Duffy on Twitter

 

What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
About The Cisco Connection

The Cisco Subnet blog is written by Network World managing editor Jim Duffy Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.

Follow Jim Duffy on Twitter

 

Most Discussed Posts