SWRA788 august 2023 WL1801 , WL1801MOD , WL1805MOD , WL1807MOD , WL1831 , WL1831MOD , WL1835MOD , WL1837MOD

Vulnerability

TI PSIRT ID

TI-PSIRT-2021-100120

CVE ID

WiLink WL18xx PN reuse issue

CVSS Score: 5.7

CVSS Vector:

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

WL1801, WL1831
WL1801MOD, WL1831MOD, WL1805MOD, WL1835MOD, WL1807MOD, WL1837MOD

Potentially Impacted Features

The reuse of PN numbers can appear as a replay attack to a connected AP, which can respond by dropping incoming packets. This can lead to a period during which a WL18xx station can experience a denial of service.

Suggested Mitigations

The following updates have been released to fix this vulnerability:

Wl18xx_fw v8.9.1.0.0
R8.8 wlcore patch: 0023-wlcore-Fixing-PN-drift-on-encrypted-link-after-recov.patch

Products based on the WL18xx NLCP Driver can be updated with the firmware version v8.9.1.0.0 and apply the wlcore patch to fix this issue.

NOTE: Both the firmware and the driver updates must be applied together for the system to work properly and to fix the issue. Updating the firmware without applying the latest driver can cause the driver to fail during initialization.