Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

BLE BLEEDINGBIT

Adam
Kind of a big deal
‎Nov 8 2018 5:30 AM
‎Nov 8 2018 5:30 AM

BLE BLEEDINGBIT

I couldn’t find anything in the wireless section on this issue. Here is some information and resources.

 

https://www.bleepingcomputer.com/news/security/new-bleedingbit-vulnerabilities-affect-widely-used-bl...

and

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181101-ap

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
Subscribe
5 Replies 5
NolanHerring
Kind of a big deal
‎Nov 8 2018 6:46 AM
‎Nov 8 2018 6:46 AM

If you have the BLE features disabled then your not at risk, per Meraki support.

Also they patched this in 25.13, again per Meraki support.
Nolan Herring | nolanwifi.com
TwitterLinkedIn
Subscribe
In response to NolanHerring
Adam
Kind of a big deal
‎Nov 8 2018 7:24 PM
‎Nov 8 2018 7:24 PM

Interesting, didn't see anything directly related in the 25.13 firmware notes.  The closest thing I see is this

  • Fixed an issue where the BLE radio would stop beaconing and scanning (MR30H/MR33/MR74)
Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
0 Kudos
Subscribe
In response to Adam
NolanHerring
Kind of a big deal
‎Nov 8 2018 7:55 PM
‎Nov 8 2018 7:55 PM

I thought the same thing so I reached out and that is when they told me 25.13 has the patch. Pretty sure they were doing to address this in some sort of dashboard notification or blog but I don't recall seeing anything directly from Meraki from a PR stance.
Nolan Herring | nolanwifi.com
TwitterLinkedIn
0 Kudos
Subscribe
In response to NolanHerring
jdsilva
Kind of a big deal
‎Nov 8 2018 8:03 PM
‎Nov 8 2018 8:03 PM

25.13 was released before this vuln was made public wasn't it? If so they likely wouldn't have been able to put anything in the notes about it.

http://blog.brokennetwork.ca | @jdsilva
0 Kudos
Subscribe
In response to jdsilva
NolanHerring
Kind of a big deal
‎Nov 8 2018 8:14 PM
‎Nov 8 2018 8:14 PM

That is what I was thinking but I would imagine they knew before the public did so that they could address it internally.
Nolan Herring | nolanwifi.com
TwitterLinkedIn
0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.