Article Number: 000125799
Wi-Fi Security protocol Key Re-installation Attack (KRACK): Impact Status on Dell Products
Summary: A new Key Re-installation Attack vulnerability (KRACK) has risen, use this article to find out how to protect your Dell hardware.
Article Content
Symptoms
Dell is aware of the vulnerabilities affecting the Wireless Protected Access II (WPA2) protocol that can be exploited through key reinstallation attacks
(KRACK). The following Common Vulnerabilities and Exposures (CVE) identifiers were assigned to track these vulnerabilities:
CVE-2017-13077
- Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake
CVE-2017-13078
- Reinstallation of the group key (GTK) in the 4-way handshake
CVE-2017-13079
- Reinstallation of the integrity group key (IGTK) in the 4-way handshake
CVE-2017-13080
- Reinstallation of the group key (GTK) in the group key handshake
CVE-2017-13081
- Reinstallation of the integrity group key (IGTK) in the group key handshake
CVE-2017-13082
- Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it
CVE-2017-13084
- Reinstallation of the STK key in the PeerKey handshake
CVE-2017-13086
- Reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake
CVE-2017-13087
- Reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
CVE-2017-13088
- Reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame
Dell is investigating this issue to identify potential product impacts and will update this article with information as it becomes available, with impacted products and remediation steps. Please refer to the Patch Guidance section for details on patches published by Operating System vendors.
Cause
Resolution
OS Patch Guidance:
- Microsoft Windows: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080
- Ubuntu - https://usn.ubuntu.com/usn/usn-3455-1/
- RHEL - https://access.redhat.com/security/vulnerabilities/kracks
- Neokylin OS- For Neokylin Linux OS updates please follow their official WeChat account, 中标软件支持服务
References:
- Research paper entitled "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2": https://papers.mathyvanhoef.com/ccs2017.pdf
- Research website: https://www.krackattacks.com/
- CERT/CC Vulnerability Note VU#228519: https://www.kb.cert.org/vuls/id/228519
- Wi-Fi Alliance Security Update: https://www.wi-fi.org/news-events/newsroom/wi-fi-alliance-security-update
For status of Dell EMC products, browse to: https://support.emc.com/kb/511474
For status of RSA products, browse to: https://community.rsa.com/docs/DOC-84103
Dell Products Affected:
Dell Consumer and Commercial Client Systems
Dell Client computers (Dell Precision, Latitude, OptiPlex, Inspiron, Vostro, XPS, Alienware) use a variety of wireless network adapters and the resolution will vary by manufacturer.
To get a concise list of the drivers available for the wireless network adapter installed in your Dell computer, refer to the Dell Knowledge Base article Drivers and Downloads FAQs .
The affected wireless cards and expected dates for the remedy are as follows:
Broadcom – Drivers are available, to learn more visit the Dell Knowledge Base article Drivers and Downloads FAQs , and download the update for your Dell computer.
- Dell Wireless 1820 WiFi
- Dell Wireless 1830 WiFi
Intel – Drivers are available, to learn more visit the Dell Knowledge Base article Drivers and Downloads FAQs , and download the update for your Dell computer.
- Intel® Dual Band Wireless-AC 3160
- Intel® Dual Band Wireless-AC 3165
- Intel® Dual Band Wireless-AC 7260
- Intel® Dual Band Wireless-AC 7265
- Intel® Dual Band Wireless-AC 8260/8265
Qualcomm – Drivers are available, to learn more visit the Dell Knowledge Base article Drivers and Downloads FAQs , and download the update for your Dell computer.
- Qualcomm QCA9377 (DW1810) / QCA61x4A (DW1820) / QCA6174A-XR
Killer Wireless – Drivers are available, to learn more visit the Dell Knowledge Base article Drivers and Downloads FAQs , and download the update for your Dell computer.
- Killer Wireless 1435
- Killer Wireless 1435-S
- Killer Wireless 1535
Realtek – Drivers are available, to learn more visit the Dell Knowledge Base article Drivers and Downloads FAQs , and download the update for your Dell computer.
- Dell Wireless 1801
The affected Dell printers and expected dates for the remedy are as follows:
| Product |
Firmware Update (or greater) |
|---|---|
| Dell Color Multifunction Printer E525w |
|
| Dell Color Cloud Multifunction Printer | H825cdw |
|
| Dell Multifunction Printer | E515dw |
|
| Dell Multifunction Printer | E514dw |
|
| Dell Cloud Multifunction Printer | H815dw |
|
| Dell Color Cloud Multifunction Printer | H625cdw |
|
| Dell Printer | E310dw |
|
| Dell C3765dnf Multifunction Color Laser Printer |
|
| Dell C1760nw Color Printer |
|
| Dell C2660dn Color Laser Printer |
|
| Dell C3760n Laser Printer |
|
| Dell C3760dn Laser Printer |
|
| Dell Color Smart Multifunction Printer | S3845cdn |
|
| Dell Color Smart Printer | S3840cdn |
|
| Dell B2375dfw MFP |
|
| Dell B1165nfw MFP |
|
| Dell B1160w Printer |
|
| Dell B1265dfw MFP |
|
| Dell Smart Printer | S2830dn |
|
| Dell Smart Printer | S5830dn |
|
| Dell Color Smart Printer | S5840cdn |
|
| Dell B5460dn Laser Printer |
|
| Dell B5465dnf Multifunction Laser Printer |
|
| Dell B2360d Laser Printer |
|
| Dell B2360dn Laser Printer |
|
| Dell B3460dn Laser Printer |
|
| Dell B3465dn Laser Printer |
|
| Dell B3465dnf Laser Printer |
Update 02/21/2018
These patches may also include the firmware component of the Speculative Execution and Indirect Branch Prediction Side Channel Analysis Method Advisory (INTEL-SA-00088), please refer to the Dell Knowledge Base for complete details on Dell PCs and Thin Client.
Per Intel’s guidance on January 22nd
, Dell removed all BIOS updates from our support pages marked as "Suspended Release" while Intel conducted root cause analysis for reported reboot issues and unpredictable system behavior.
Starting February 8th
, Dell has made available previously-removed BIOS updates for various CPUs. As Intel continues to provide production microcode for other processor generations, Dell will release BIOS updates for the listed affected platforms.
All customers with an affected platform should download the latest BIOS update listed below.
| Model Name | Supported OS | MS Patch Update | WiFi Driver Update | BIOS Update | Image Update |
|---|---|---|---|---|---|
| Wyse 3020 thin client |
Xenith, ThinOS |
n/a |
n/a |
n/a |
For access to the latest up to date ThinOS release go to your Dell Digital Locker account and download 8.4_112 or later. |
| Wyse 3030 thin client |
Windows Embedded Standard 7 |
n/a |
n/a |
||
| Wyse 3030 LT thin client |
ThinOS |
n/a |
n/a |
n/a |
For access to the latest up to date ThinOS release go to your Dell Digital Locker account and download 8.4_112 or later. |
| Wyse 3030 LT thin client |
ThinLinux 1.x (SLES) |
n/a |
n/a |
n/a |
|
| Wyse 3040 thin client |
ThinOS |
n/a |
n/a |
n/a |
For access to the latest up to date ThinOS release go to your Dell Digital Locker account and download 8.4_112 or later. |
| Wyse 3040 thin client |
ThinLinux 1.x (SLES) |
n/a |
n/a |
n/a |
|
| Wyse 5010 thin client |
Xenith, ThinOS, ThinOS (PcIP) |
n/a |
n/a |
n/a |
For access to the latest up to date ThinOS release go to your Dell Digital Locker account and download 8.4_112 or later. |
| Wyse 5010 thin client |
Windows Embedded Standard 7 |
n/a |
n/a |
||
| Wyse 5010 thin client |
Windows Embedded Standard 7 Premium |
n/a |
n/a |
||
| Wyse 5010 thin client |
Windows Embedded 8 Standard |
n/a* |
n/a |
n/a |
|
| Wyse 5020 thin client |
ThinLinux 1.x (SLES) |
n/a |
n/a |
n/a |
|
| Wyse 5020 thin client |
Windows Embedded Standard 7 |
n/a |
n/a |
||
| Wyse 5020 thin client |
Windows Embedded Standard 7 Premium |
n/a |
n/a |
||
| Wyse 5020 thin client |
Windows Embedded 8 Standard |
n/a* |
n/a |
n/a |
|
| Wyse 5020 thin client |
WIE10 TH |
n/a |
n/a |
||
| Wyse 5040 AIO |
ThinOS |
n/a |
n/a |
n/a |
For access to the latest up to date ThinOS release go to your Dell Digital Locker account and download 8.4_112 or later. |
| Wyse 5040 AIO thin client with PCoIP |
ThinOS |
n/a |
n/a |
n/a |
For access to the latest up to date ThinOS release go to your Dell Digital Locker account and download 8.4_112 or later. |
| Wyse 5060 thin client |
Windows Embedded Standard 7 Premium |
n/a |
n/a |
||
| Wyse 5060 thin client |
WIE10 RS |
n/a |
n/a |
||
| Wyse 5060 thin client |
ThinLinux 1.x (SLES) |
n/a |
n/a |
n/a |
|
| Wyse 7010 thin client |
ThinOS |
n/a |
n/a |
n/a |
For access to the latest up to date ThinOS release go to your Dell Digital Locker account and download 8.4_112 or later. |
| Wyse 7010 thin client |
Windows Embedded Standard 7 |
n/a |
n/a |
||
| Wyse 7010 thin client |
Windows Embedded Standard 7 Premium |
n/a |
n/a |
||
| Wyse 7010 thin client |
Windows Embedded 8 Standard |
n/a* |
n/a |
n/a |
|
| Wyse 7020 thin client |
Windows Embedded Standard 7 |
n/a |
n/a |
||
| Wyse 7020 thin client |
ThinLinux 1.x (SLES) |
n/a |
n/a |
n/a |
|
| Wyse 7020 thin client |
Windows Embedded Standard 7 Premium |
n/a |
n/a |
||
| Wyse 7020 thin client |
Windows Embedded 8 Standard |
n/a* |
n/a |
n/a |
|
| Wyse 7020 thin client |
WIE10 TH |
n/a |
n/a |
||
| Latitude 3460 mobile thin client |
Windows Embedded Standard 7 Premium |
n/a |
|||
| Latitude E7270 mobile thin client |
Windows Embedded Standard 7 Premium |
n/a |
|||
| Latitude 3480 mobile thin client |
WIE10 RS |
n/a |
|||
| Latitude 5280 mobile thin client |
WIE10 RS |
n/a |
*Wyse 5010, 5020, 7010 and 7020 with WE8S. There is no planned update for WE8S because those versions are no longer supported by the chipset vendor.
| Client Products with Intel® Active Management Technology (AMT) | |
|---|---|
| The systems below are affected and can receive patched Intel® Management Engine Firmware either via stand-alone Windows-compatible update utility (MEFW Update) or integrated in Dell BIOS release (BIOS Update). Dates in this list are estimates provided for customer planning purposes and will be updated with links to downloadable packages when available. | |
| These patches also includes the firmware component of the Intel ME/TXE Advisory (INTEL-SA-00086), please refer to the Dell Knowledge Base on the Intel ME/TXE advisory for complete details. | |
| Product | Intel® Management Engine Firmware Update (MEFW Update) or BIOS Update |
| Embedded Box PC 5000 |
|
| Enterprise Server T20 |
|
| Enterprise Server T30 |
|
| Inspiron 23 (5348) |
|
| Latitude 5175 |
|
| Latitude 5179 |
|
| Latitude 5280 |
|
| Latitude 5285 |
|
| Latitude 5288 |
|
| Latitude 5289 |
|
| Latitude 5404 |
|
| Latitude 5414 |
|
| Latitude 5480 |
|
| Latitude 5488 |
|
| Latitude 5580 |
|
| Latitude 7202 |
|
| Latitude 7204 |
|
| Latitude 7212 |
|
| Latitude 7214 |
|
| Latitude 7275 |
|
| Latitude 7280 |
|
| Latitude 7285 |
|
| Latitude 7350 |
|
| Latitude 7370 |
|
| Latitude 7380 |
|
| Latitude 7389 |
|
| Latitude 7404 |
|
| Latitude 7414 |
|
| Latitude 7480 |
|
| Latitude E5250 |
|
| Latitude E5270 |
|
| Latitude E5430 |
|
| Latitude E5430 vPro |
|
| Latitude E5440 |
|
| Latitude E5450 |
|
| Latitude E5470 |
|
| Latitude E5530 |
|
| Latitude E5530 vPro |
|
| Latitude E5540 |
|
| Latitude E5550 |
|
| Latitude E5570 |
|
| Latitude E6230 |
|
| Latitude E6330 |
|
| Latitude E6430 |
|
| Latitude E6430 ATG |
|
| Latitude E6430S |
|
| Latitude E6430U |
|
| Latitude E6440 |
|
| Latitude E6440 ATG |
|
| Latitude E6530 |
|
| Latitude E6540 |
|
| Latitude E7240 |
|
| Latitude E7250 |
|
| Latitude E7270 |
|
| Latitude E7440 |
|
| Latitude E7450 |
|
| Latitude E7470 |
|
| OptiPlex 3050 |
|
| OptiPlex 3050 AIO |
|
| OptiPlex 5040 |
|
| OptiPlex 5050 |
|
| OptiPlex 5250 |
|
| OptiPlex 7010 |
|
| OptiPlex 7020 |
|
| OptiPlex 7040 |
|
| OptiPlex 7050 |
|
| OptiPlex 7440 AIO |
|
| OptiPlex 7450 |
|
| OptiPlex 9010 |
|
| OptiPlex 9010 AIO |
|
| OptiPlex 9020 |
|
| OptiPlex 9020 AIO |
|
| OptiPlex 9020M |
|
| OptiPlex 9030 |
|
| OptiPlex XE2 |
|
| Precision 3420 Tower |
|
| Precision 3510 |
|
| Precision 3520 |
|
| Precision 3620 Tower |
|
| Precision 5510 |
|
| Precision 5520 |
|
| Precision 5720 AIO |
|
| Precision 5810 Tower |
|
| Precision 5810 XL Tower |
|
| Precision 5820 XL Tower |
|
| Precision 7510 |
|
| Precision 7520 |
|
| Precision 7710 |
|
| Precision 7720 |
|
| Precision 7810 Tower |
|
| Precision 7810 XL Tower |
|
| Precision 7820 Tower |
|
| Precision 7910 Tower |
|
| Precision 7910 XL Tower |
|
| Precision 7920 Tower |
|
| Precision M2800 |
|
| Precision M4700 |
|
| Precision M4800 |
|
| Precision M6700 |
|
| Precision M6800 |
|
| Precision R7610 |
|
| Precision Rack 7910 |
|
| Precision T1650 |
|
| Precision T1700 |
|
| Precision T3610 |
|
| Precision T5610 |
|
| Precision T7610 |
|
| Venue 11 Pro (7130) |
|
| Venue 11 Pro (7140) |
|
| Vostro 23 (3340) |
|
| XPS 12 (9250) |
|
| XPS 13 (9343) |
|
| XPS 13 (9360) |
|
| XPS 13 2-in-1 (9365) |
In Process |
| XPS 15 (9550) |
|
| XPS 15 (9560) |
|
| XPS 27 AIO (7760) |
|
Article Properties
Affected Product
Last Published Date
20 Jul 2021
Version
6
Article Type
Solution