Security Alerts

Mist Security Advisory – BLURtooth Attack

CVE: CVE-2020-15802 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15802 Publication Date: 2020-09-16 Summary Mist products are not impacted by the BLURtooth vulnerability. This vulnerability is related to the use of Cross-Transport Key Derivation (CTKD) for pairing Bluetooth devices. Affected Products None of the Mist products are affected by this vulnerability. Mist APs only operate the BLE ( Bluetooth Low Energy) capability for...

Mist Security Advisory – Ripple20

CVE: CVE-2020-11901 Publication Date: 2020-07-07 Summary Mist products are not impacted by the Ripple20 vulnerability – related to the use of the Treck embedded IP stack as per CVE-2020-11901. Exploitation of these vulnerabilities through an invalid DNS response could result in denial of service, information disclosure, or remote code execution. Affected Products None of the...

Mist Security Advisory – Kr00k Attack & FAQ

What is this vulnerability? Kr00k – formally known as CVE-2019-15126 – is a vulnerability in certain Broadcom Wi-Fi chipsets that allows unauthorized decryption of some WPA2-encrypted traffic. The vulnerability is a possible transmission of a few frames without proper MAC level encryption. Impact of this vulnerability The risk is limited to information exposure in the...

Mist Security Advisory – Bluetooth Discoverability

  CVE: CVE-2018-10910 Publication Date: 2019-01-28 Summary Mist BLE solutions are not impacted by the Bluetooth Discoverability vulnerability – related to the use of Bluetooth Classic as per CVE-2018-10910. The vulnerability forces the Bluetooth mode to stay as discoverable, allowing all external Bluetooth devices to connect. This flaw can be exploited when malicious devices are...

Mist Security

Mist, a Juniper Company, built the first AI-driven networking platform to give modern businesses an intelligent solution for the digital era.  Designed from the ground up to meet the stringent networking needs of the modern cloud and digital transformation, the Mist solution delivers unique capabilities from unprecedented visibility into the end user experiences to proactive...

FAQ on Wi-fi vulnerability announced on October 16th, 2017

Note: Please upgrade to firmware Version 0.1.11888 or later, which includes the fix to address this issue. What is this vulnerability? This is a security vulnerability for wireless networks that was publicly announced on October 16th, and impacts WPA2 networks as per VU#228519: https://www.kb.cert.org/vuls/id/228519. “Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to...

CPU/Meltdown and Spectre Side-Channel Vulnerability

Dear Customers, We are aware of the latest CPU vulnerability discovered on Jan 4, 2017. Our AP’s don’t run untrusted software and the backend is already patched. No action is required right now, however, we are still vigilant about this vulnerability.