Cisco airs out Wi-Fi vulnerability
Vulnerable access points transmit security keys over the air in unencrypted text, meaning that an eavesdropper could intercept them. With the keys, an attacker could easily break the encryption protecting Wi-Fi transmissions. Wi-Fi is a wireless standard commonly used in corporate and personal local-area networks.
What's new:
A vulnerability in some of Cisco’s Aironet Wi-Fi access points could allow attackers to snoop on corporate networks.
Bottom line:
IT managers have cited security concerns as one reason for being slow to deploy Wi-Fi access points. The disclosure by Cisco, which has recently been the subject of several security warnings, is likely to be viewed as evidence that those concerns are legitimate.
The devices are affected only when the command "snmp-server enable traps wlan-wep" is enabled, and only static WEP keys are exposed; dynamically set WEP keys are not affected. Cisco access points running VxWorks are not affected. The keys are transmitted only when the access point is rebooted or the static WEP key is changed.
Attackers would only be able to snatch WEP keys if they were able to monitor data sent between the access point and the SNMP server.
Cisco said users should upgrade to IOS version 12.2(13)JA1 or later, or switch off the SNMP command in question. Instructions for the fix are detailed in Cisco's advisory.
Users can also get around the problem by switching to an authentication protocol that uses dynamically set keys, several of
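As an added example, not code from the article or from Cisco, the following Python audit applies the conditions above to a constructed running-config excerpt and "show version" line: it flags the "snmp-server enable traps wlan-wep" command, a static WEP key on a radio interface (the "encryption key N size ..." syntax is an assumption about Aironet IOS configuration), a VxWorks-based platform, and an IOS version older than 12.2(13)JA1 within the same JA train.

```python
import re

# Constructed sample inputs (not from the article): a running-config excerpt and a
# "show version" line in the form an Aironet access point running IOS reports them.
SAMPLE_CONFIG = """\
version 12.2
snmp-server enable traps wlan-wep
interface Dot11Radio0
 encryption key 1 size 128bit 7 0123456789ABCDEF0123456789 transmit-key
"""
SAMPLE_VERSION_LINE = "IOS (tm) C1100 Software (C1100-K9W7-M), Version 12.2(11)JA, RELEASE SOFTWARE"
FIXED_VERSION = "12.2(13)JA1"  # first fixed release named in the article

def parse_ios_version(text):
    """Extract (major, minor, maintenance, train, rebuild) from an IOS version string."""
    m = re.search(r"(\d+)\.(\d+)\((\d+)\)([A-Z]+)(\d*)", text)
    if not m:
        return None
    major, minor, maint, train, rebuild = m.groups()
    return (int(major), int(minor), int(maint), train, int(rebuild or 0))

def is_fixed_version(text, fixed=FIXED_VERSION):
    """True if text reports the fixed release or later in the same train; None if unknown."""
    v, f = parse_ios_version(text), parse_ios_version(fixed)
    if v is None or v[3] != f[3]:   # no version found, or a different train: cannot compare
        return None
    return (v[0], v[1], v[2], v[4]) >= (f[0], f[1], f[2], f[4])

def audit(config, version_line):
    """Apply the article's conditions and return the findings as a dict."""
    trap_enabled = re.search(r"^snmp-server enable traps wlan-wep\s*$", config, re.M) is not None
    # Assumption: static WEP keys appear as 'encryption key N size ...' under a radio interface.
    static_wep = re.search(r"^\s*encryption key \d+ size \S+", config, re.M) is not None
    vxworks = "VxWorks" in version_line          # VxWorks-based access points are not affected
    fixed = is_fixed_version(version_line)
    vulnerable = trap_enabled and static_wep and not vxworks and fixed is not True
    actions = []
    if vulnerable:
        actions.append("disable the wlan-wep SNMP trap (the article's workaround)")
        if fixed is False:
            actions.append(f"upgrade IOS to {FIXED_VERSION} or later")
        actions.append("or move to an authentication method that uses dynamically set keys")
    return {"trap_enabled": trap_enabled, "static_wep": static_wep, "vxworks": vxworks,
            "fixed_version": fixed, "vulnerable": vulnerable, "actions": actions}

if __name__ == "__main__":
    for key, value in audit(SAMPLE_CONFIG, SAMPLE_VERSION_LINE).items():
        print(f"{key}: {value}")
```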
Cisco's access points have recently been the subject of several security warnings. In July, Cisco patched a pair of security flaws that were discovered in its Aironet 1100 series wireless access points. One flaw could have allowed an attacker to use a "classical brute force" technique to discover account names, while the second could freeze the access point and bring down the wireless access zone.
In August, Cisco said its Lightweight Extensible Authentication Protocol (LEAP) could allow an attacker to guess user names and passwords in a "dictionary attack."
Matthew Broersma of ZDNet UK reported from London.