Showing results for 
Search instead for 
Do you mean 
Reply
jdemarco2000
Posts: 1
Registered: ‎01-21-2012

WRT54G Secure Easy Setup SES - Security Vulnerability

There is a vulnerability in the WiFi Protected Setup (WPS) protocol implemented in many wireless access points and wireless residential routers that would allow an attacker within range of the wireless access point to brute force attack the WPS PIN and retrieve the password for the wireless network, change the configuration of the access point, or cause
a denial of service.  The vulnerability was announced by US-CERT here: http://www.kb.cert.org/vuls/id/723755.

Cisco/Linksys WRT54G implements this protocol under the name “Secure Easy Setup” in the WRT54G device.  Cisco has issued a Security Response about this here:
http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20120111-wps.

Several products are listed as either “vulnerable” or “not vulnerable”.  However, the widely-installed WRT54G is not listed among these products.

So, as of this forum post, I cannot tell definitively whether the WRT54G is vulnerable or not; however inasmuch as it contains the Secure Easy Setup functionality, I’m going to assume it is vulnerable.

The general advice to avoid the vulnerability has been to disable Secure Easy Setup. However, it has been reported in an Arstechnica article http://arstechnica.com/business/news/2012/01/hands-on-hacking-wifi-protected-setup-with-reaver.ars that disabling Secure Easy Setup was not effective, and that SES remained operational after disabling it.

Question: What is the timeline for issuing updated firmware to address this vulnerability?

Thank you.

 

Expert
sabretooth
Posts: 5,314
Registered: ‎11-11-2008

Re: WRT54G Secure Easy Setup SES - Security Vulnerability

Yes this has been discussed in great detail.  Stay tuned, check the Cisco/Linksys web site for information and possible upcoming firmware changes.

antdude
Posts: 108
Registered: ‎10-18-2008

Re: WRT54G Secure Easy Setup SES - Security Vulnerability

[ Edited ]

sabretooth wrote:

Yes this has been discussed in great detail.  Stay tuned, check the Cisco/Linksys web site for information and possible upcoming firmware changes.


Are there any updates on this? I'd like to know for my old WRT54GL router.

ylime1984
Posts: 1,206
Registered: ‎05-04-2012

Re: WRT54G Secure Easy Setup SES - Security Vulnerability

 

Found this link from Cisco's KB site regarding this concern. There might be new updates for your router.

 

WPS Vulnerability status update for Linksys devices

http://www6.nohold.net/Cisco2/ukp.aspx?vw=1&docid=3bccc46248f9417b909e2c1028f6778e_WPS.xml&pid=80&re...

antdude
Posts: 108
Registered: ‎10-18-2008

Re: WRT54G Secure Easy Setup SES - Security Vulnerability

[ Edited ]

ylime1984 wrote:

 

Found this link from Cisco's KB site regarding this concern. There might be new updates for your router.

 

WPS Vulnerability status update for Linksys devices

http://www6.nohold.net/Cisco2/ukp.aspx?vw=1&docid=3bccc46248f9417b909e2c1028f6778e_WPS.xml&pid=80&re...


Thanks. Mine isn't listed, but I do have SES (Secure Easy Setup). Is this the same as WPS? I have the latest stock firmware too.

wouterv
Posts: 116
Registered: ‎07-14-2012

Re: WRT54G Secure Easy Setup SES - Security Vulnerability

[ Edited ]

SES is the early Linksys variant of WPS.

SES is for older Linksys devices only and is technically different from WPS.

The vulnerability is in WPS, not in SES.

More written here:

http://blogs.computerworld.com/19551/wifi_routers_oldies_are_goodies

[q]

SES is a precursor to WPS.  It has the push-button configuration but not the external registrar PIN feature so it is not vulnerable to having a PIN brute forced remotely.

[/q]

antdude
Posts: 108
Registered: ‎10-18-2008

Re: WRT54G Secure Easy Setup SES - Security Vulnerability


wouterv wrote:

SES is the early Linksys variant of WPS.

SES is for older Linksys devices only and is technically different from WPS.

The vulnerability is in WPS, not in SES.

More written here:

http://blogs.computerworld.com/19551/wifi_routers_oldies_are_goodies

[q]

SES is a precursor to WPS.  It has the push-button configuration but not the external registrar PIN feature so it is not vulnerable to having a PIN brute forced remotely.

[/q]


So disabling SES is secured then? I don't use it.

Jake_2.0
Posts: 2,157
Registered: ‎05-29-2012

Re: WRT54G Secure Easy Setup SES - Security Vulnerability

[ Edited ]

Yes, it is secured. SES will only work if the wireless adapter also supports SES, but disabling it would do the trick.