4.1 ATWILC Baremetal v4.8
The release contains the following changes:-
- Deprecated support for WEP authentication on WILC1000/3000
- Improved 802.11b carrier suppression on WILC1000
- Improved Gain tables for WILC1000 and WILC3000
- Countermeasures for the ‘FragAttacks’ vulnerabilities (see table below)
| Vulnerability# | Description |
|---|---|
| CVE-2020-26140 | Accepting plaintext data frames in a protected network |
| CVE-2020-26143 | Accepting fragmented plaintext data frames in a protected network |
| CVE-2020-24588 | Accepting non-SPP A-MSDU frames |
| CVE-2020-24586 | Not clearing fragments from memory when (re)connecting to a network |
| CVE-2020-26139 | Forwarding EAPOL frames even though the sender is not yet authenticated |
| CVE-2020-26147 | Reassembling mixed encrypted/plaintext fragments |
| CVE-2020-26146 | Reassembling encrypted fragments with non-consecutive packet numbers |
| CVE-2020-26144 | Accepting plaintext A-MSDU frames that start with an RFC1042 header with EtherType |