Cisco Aironet 1560, 2800, and 3800 Series Access Point Platforms 802.11 Denial of Service Vulnerability
A vulnerability in 802.11 association request frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points could allow an unauthenticated, Layer 2 radio frequency (RF) adjacent attacker to cause the Access Point (AP) to reload, resulting in a denial of service (DoS) condition.
The vulnerability is due to insufficient frame validation of the 802.11 association request. An attacker could exploit this vulnerability by sending a malformed 802.11 association request to the targeted device. An exploit could allow the attacker to cause the AP to reload, resulting in a DoS condition while the AP is reloading.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-aironet1
Customers should upgrade to an appropriate release as indicated. To help ensure a complete upgrade solution, consider that this advisory is part of a collection that includes the following advisories:
- cisco-sa-20171101-aironet1: Cisco Aironet 1560, 2800, and 3800 Series Access Point Platforms 802.11 Denial of Service Vulnerability
- cisco-sa-20171101-aironet2: Cisco Aironet 1560, 2800, and 3800 Series Access Point Platforms Extensible Authentication Protocol Denial of Service Vulnerability
- cisco-sa-20171101-wlc1: Cisco Wireless LAN Controller Simple Network Management Protocol Memory Leak Denial of Service Vulnerability
- cisco-sa-20171101-wlc2: Cisco Wireless LAN Controller 802.11v Basic Service Set Transition Management Denial of Service Vulnerability
Affected Products :
Vulnerable Products – This vulnerability affects the following Cisco products running either the Lightweight AP Software or Mobility Express image:
Aironet 1560 Series Access Points
Aironet 2800 Series Access Points
Aironet 3800 Series Access Points
Note: The Cisco Aironet 1560 Series Access Point device is supported as of release 8.3.112.0.
Further information – https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171101-aironet1
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.