FortiAP Bleeding Bit Vulnerability
Fortinet PSIRT Advisories
Fortinet PSIRT Contact:
Website: https://fortiguard.fortinet.com/faq/psirt-contact
FG-IR-18-356
Final
1
1
2019-04-10T00:00:00
Current version
2019-04-10T00:00:00
2019-04-10T00:00:00
Some FortiAP models are vulnerable to the Bleeding Bit Vulnerability (CVE-2018-16986) present in the Texas Instruments WiFi chips.

CVE-2018-16986: Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow.
Execute unauthorized code or commands
Only the following FortiAP models are impacted:
FortiAP-S: FAP_S221E and FAP_S223E
FortiAP-W2: FAP_221E (Gen2), FAP_222E and FAP_223E (Gen2)
Other FortiAP models (including FAP-U/FAP-W2/FAP-S series) are not impacted.
MeruAP models are not impacted.

Upgrade the impacted FortiAP-S/W2 models to 5.6.4 or 6.0.4.

Workarounds
When the affected FortiAP-S/W2 models are managed by a FortiGate, enter the following CLI commands to disable the BLE scanning feature:

config wireless-controller ble-profile
    edit [profile-name]
        set ble-scanning disable
    next
end

(*disable is the default value)

Revision History
2019-04-10 Initial Version
2019-04-15 Corrected the FortiAP-W2 affected models.
https://fortiguard.fortinet.com/psirt/FG-IR-18-356
https://armis.com/bleedingbit/
FortiAP-W2 6.0.3
FortiAP-W2 6.0.2
FortiAP-W2 6.0.1
FortiAP-W2 6.0.0
FortiAP-W2 5.6.3
FortiAP-W2 5.6.2
FortiAP-W2 5.6.1
FortiAP-W2 5.6.0
FortiAP-S 6.0.3
FortiAP-S 6.0.2
FortiAP-S 6.0.1
FortiAP-S 6.0.0
FortiAP-S 5.6.3
FortiAP-S 5.6.2
FortiAP-S 5.6.1
FortiAP-S 5.6.0
CVE-2018-16986
5.2
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:F/RL:X/RC:X