SWRA776 may   2023 CC1200 , CC1312R , CC1312R7 , CC1352P , CC1352P7 , CC1352R

 

  1.   1
  2.   Summary
  3.   Vulnerability

Vulnerability

TI PSIRT ID

TI-PSIRT-2022-100128

CVE ID:

None

CVSS Base score:

4.3

Affected Products

Part SDK SDK Version TI-Wi-SUN-Stack Version
CC1352R, CC1352P7, CC1352P, CC1312R7, CC1312R, CC1200 SIMPLELINK-CC13XX-CC26XX-SDK: SimpleLink™ CC13xx and CC26xx software development kit (SDK) 6.40.00.13 and earlier 1.0.6 and earlier

To determine if your product is impacted, check the version of the TI Wi-SUN® stack built into your product. This can be done by looking at the documentation included with SDK.

Potentially Impacted Features

The failure to correctly validate the frame counter may allow an attacker to replay network packets. The vulnerability does not allow an attacker to decrypt or modify packets.

Suggested Mitigations

Customers are encouraged to upgrade to the latest SDK for their Wi-SUN® product. After obtaining the latest SDK, customers should confirm a TI Wi-SUN® Stack version of 2.10.00 or greater and upgrade their device to use the new version of the stack.

The following SDK releases address these vulnerabilities:

SDK First SDK version with mitigations First TI-Wi-SUN-Stack Version with mitigations
SIMPLELINK-CC13XX-CC26XX-SDK: SimpleLink™ CC13xx and CC26xx software development kit (SDK) 7.10 2.10.00

External References

IEEE® Std 802.15.4-2020, IEEE Standard for Low-Rate Wireless Networks, July 2020.

Wi-SUN® Alliance, Technical Profile Specification Field Area Network, Version 1v33

Revision History

Version 1.0 initial publication