15 November 2017
Vendors Confirm That Industrial Solutions Are Vulnerable to KRACK Attacks
Several companies, including Cisco, Rockwell Automation, Sierra Wireless, ABB and Siemens, have reported vulnerabilities in their devices.
About 70 Cisco products are affected by WPA2 vulnerabilities, including Cisco 829 Industrial Integrated Services routers and Industrial Wireless 3700 series access points. Wireless infrastructure components are affected by one vulnerability (CVE-2017-13082) of the ten; the remaining nine affect client devices only.
Rockwell Automation has reported that its wireless access point, Stratix 5100/Workgroup Bridge version 15.3 (3) JC1 and earlier, is affected by the CVE-2017-13082 vulnerability.
Sierra Wireless has also informed its customers of vulnerabilities identified in dozens of its products, including access points and client devices. The list of affected Sierra Wireless devices includes industrial products, such as the FX30 gateway and the AirLink MP70 router.
Vulnerable ABB products include all TropOS broadband mesh routers and bridges operating on Mesh OS 8.5.2 or prior.
WPA2 vulnerabilities also affect industrial equipment by Siemens: SCALANCE WLC711 and WLC712 access points, SIMATIC Mobile Panel 277F IWLAN operator panel, SIMATIC ET200 WLAN interface modules, RUGGEDCOM RX1400 and RS9xxW devices, SCALANCE W-700 series products, etc. Whether the KRACK attack is relevant to these devices, depends on the functionality enabled. Specifically, SCALANCE WLC711 and WLC712 access points are prone to the CVE-2017-13082 vulnerability if 802.11r functionality is activated on them. And SCALANCE W-700, RUGGEDCOM RX1400 and RS9xxW devices are not vulnerable if they are only used in access point mode.
The vendors are preparing updates to close these vulnerabilities. The patches will be released as they are ready.
Kaspersky Lab experts have previously suggested that KRACK attacks may affect industrial systems. Kaspersky Lab has published an article providing detailed information on the security of wireless technologies in industrial networks.
Source: Kaspersky Lab, US-CERT