Cisco Small Business RV Series WPS Protocol Flaw Lets Remote Users Conduct Brute Force WPS PIN Guessing Attacks to Access the Target Network - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Device (Router/Bridge/Hub) > Cisco Small Business RV Series

Cisco Small Business RV Series WPS Protocol Flaw Lets Remote Users Conduct Brute Force WPS PIN Guessing Attacks to Access the Target Network

SecurityTracker Alert ID: 1026568

SecurityTracker URL: http://securitytracker.com/id/1026568

CVE Reference: CVE-2011-5053 (Links to External Site)

Date: Jan 24 2012

Impact: User access via network

Vendor Confirmed: Yes Exploit Included: Yes

Version(s): Models RV110W, RV120W

Description: A vulnerability was reported in Cisco Small Business RV Series. A remote user can conduct brute force guessing attacks to gain access to the target network.

The PIN External Registrar (PIN-ER) mode of the Wi-Fi Protected Setup (WPS) protocol contains a weakness that allows a remote user within range of the wireless interface to determine if the first half of the 8 digit WPS configuration PIN is correct. A remote user within range of the wireless interface can exploit this to conduct a brute force WPS configuration PIN guessing attack and gain access to the target network in a short amount of time.

The following Cisco Small Business RV Series devices are affected:

Cisco RV110W
Cisco RV120W

The vulnerability resides in the WPS protocol and is not limited to these devices.

The original advisories are available at:

http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf
http://www.devttys0.com/2011/12/cracking-wpa-in-10-hours-or-less/

Stefan Viehbock and Craig Heffner independently reported this vulnerability.

Impact: A remote user within range of the wireless interface can conduct brute force guessing attacks to gain access to the target wireless network.

Solution: No solution was available at the time of this entry.

The vendor plans to issue a fix.

The vendor recommends disabling the vulnerable feature as a workaround.

The vendor's advisory is available at:

http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20120111-wps

Vendor URL: tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20120111-wps (Links to External Site)

Cause: Authentication error

Underlying OS:

Message History: None.

Source Message Contents

Date: Tue, 24 Jan 2012 01:21:54 +0000
Subject: Cisco Small Business RV Series


http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20120111-wps

CVE-2011-5053

Cisco RV110W
Cisco RV120W

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC