Broadcom MediaxChange Vulnerability Affecting Cisco Products: July 2021

A vulnerability in the TrustZone implementation in certain Broadcom MediaxChange firmware was reported by security researchers. To exploit this vulnerability on the affected Cisco products, the attacker would need to dismount the backplate of the device and trigger a specific series of impulses on the chipset. This would reload the device in a special mode allowing access to the bootshell. The attacker would then issue specific commands with crafted parameters in the bootshell, which would trigger the vulnerability. Exploitation of this vulnerability could result in arbitrary code execution with privilege escalation.

At the time of publication, a link to the details about this vulnerability was not available.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-brcm-mxc-jul2021-26LqUZUh

Security Impact Rating: Medium

CVE: CVE-2021-33478

Related:

  • No Related Posts

Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability

On February 26th, 2020, researchers Štefan Svorencík and Robert Lipovsky disclosed a vulnerability in the implementation of the wireless egress packet processing of certain Broadcom Wi-Fi chipsets. This vulnerability could allow an unauthenticated, adjacent attacker to decrypt Wi-Fi frames without the knowledge of the Wireless Protected Access (WPA) or Wireless Protected Access 2 (WPA2) Pairwise Temporal Key (PTK) used to secure the Wi-Fi network.

The vulnerability exists because after an affected device handles a disassociation event it could send a limited number of Wi-Fi frames encrypted with a static, weak PTK. An attacker could exploit this vulnerability by acquiring these frames and decrypting them with the static PTK. A successful exploit could allow the attacker to decrypt Wi-Fi frames without the knowledge of the security session establishment used to secure the Wi-Fi network.

Multiple Cisco wireless products are affected by this vulnerability.

Cisco will release software updates that address this vulnerability. There are no workarounds that addresses this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure

Security Impact Rating: Medium

CVE: CVE-2019-15126

Related:

What happened to WSS support ??

I need a solution

Did something bad happen to WSS support after the broadcom transition we were getting really quick response times and solutions from the previous team 

we have clients reporting all sorts of problems with the data pods at the sydney DC 

the clients raise tickets to support but get little response – there is no duty manager and a sev1 ticket seems to go nowhere we have no symantec account manager anymore so there is literally no way to get a ticket resolved now 

is anyone else getting a bad customer experience since broadcom or is it just us here in australia ? 

0

Related:

Client Management Suite Update

I do not need a solution (just sharing information)

We have gotten a few questions in re: Client Mgmt. Suite and just wanted to share this with you in case you may have questions as well.

Client Management Suite and the other products in the Endpoint Management portfolio are alive and well positioned for success as part of Broadcom.  In fact, the Endpoint Management products are exactly the type of established and sustainable business that Broadcom cultivates.

 

We are currently working on some infrastructure and tools migration projects that are required as part of the Broadcom acquisition, but are simultaneously making progress on the next release of Client Management Suite.  It’s a little too early to provide any projections on when we expect the next release to ship, but we understand that there is a pressing need to support new versions of operating systems already supported by the product.  In addition, we also have a long list of product enhancements that would provide added value to our customers.

 

Of course we cannot share a specific roadmap, but felt it important that customers know the focus Endpoint Management products are receiving.

Thanks so much,

Amy J

0

Related:

  • No Related Posts

SEP 14 licensing

I do not need a solution (just sharing information)

Is anyone seeing delays renewing their SEP licenses?   We’re renewing through our supplier as we’ve done for the past 10 years and we’re being told that there’s a processing delay from Broadcom.

Our license expires next week – we started the renewal process several weeks ago.

Is it possible to get a temporary license to January 31, 2020 to allow time for our renewal to be processed?

We have a number of UNMANAGED clients that we install the license file directly to.

0

Related:

  • No Related Posts

purchasing new versions of SEP

I need a solution

Several months ago, i reached out to several of our suppliers looking to renew a support contract and/or purchase a new version of SEP.   All have responded to me that Symantec is no longer selling the product and this went into effect when the Broadcom transaction took effect.  

I called several “partners” listed on the Symantec websites but they have responded with “we cannot get proposals anylonger”.

We have the option of changing platforms (ESET has been agressive with teir sales pitch) but we’ve been using Symantec for years and I really dont want to have to change if we dont have to.

Can anyone confirm if this is true or not? 

0

1578325208

Related:

unable to purchase SEP14 licences for Enterprise.

I do not need a solution (just sharing information)

Hi,

I’ve been trying to purchase SEP14 licences and the management console through my company’s software licencing department. This has been taking a couple of months, now they are saying that we are unable to buy any software licences due to Symantec’s takeover by Broadcom. 

This is holding up our Windows 10 migrations due to our old SEP12 being not compatible with Windows 10, in testing we found lots of issues. 

Does anyone else have had this experience or know that this is correct, is my software licencing team correct? 

Many thanks for any advise or help you can give. 

Paul 

0

Related:

SEP blocks NIC Teaming in Server 2019

I need a solution

Recently I installed a fresh copy of windows Server 2019 OS Build 17763.107 on my IBM System x3650M5 machine with 4 Broadcom NetXtreme Gigabit adapters. As soon as I created NIC teaming with LACP option (same on the switch side) and installed SEP version 14.2.3335.1000 for WIN64BIT i got disconnected after a restart. Further investigation showed that NIC cards individually looked fine, but the teamed NIC interface was crossed as if Network cable was unplugged.

I upgraded drivers from Lenovo, installed cumulative updates for windows, ran Symantec troubleshooter (which found zero problems related with NIC) but nothing seems to work.

Symantec support offered that some rule was blocking traffic. When we removed “block any any” traffic from firewall rules, Teamed NIC started up. Same happened when we just disabled firewall module. 

I had server 2012R2 installed prior to 2019 on this machine and it never had such problem. couple years ago I tried to upgrade it to 2016, but I encountered the same “Cable unplugged” problem with NIC teaming and didnt troubleshoot it too much, since it was only for evaluation purposes.

Any ideas? Maybe any of you encountered the same problem and more importantly: solved it without just uninstalling SEP for good? 😀

0

1561010667

Related:

Driver Disk for Broadcom bnxt_en-1.8.29 – For XenServer 7.1

Who Should Install this Driver Disk?

Customers running Citrix XenServer 7.1.0 who use Broadcom’s bnxt_en driver and wish to use the latest version of the following:

Driver Module Version
bnxt_en 1.8.29

Issues Resolved In this Driver Disk

Includes general enhancements and bug fixes.

Note: If your device has been branded by your OEM, please ensure that you consult them regarding the currently supported driver/firmware versions.

Installing the Driver Disk

Customers should use XenServer Command Line Interface (CLI) to install this update. Once the driver has been installed, the server must be restarted. As with any software update, Citrix advises customers to back up their data before applying this driver disk.

Please note that the attachment to this article is a zip file. It contains both the driver disk ISO mentioned below, and the source code for the driver. The zip file should be unzipped (to produce the driver disk ISO image), before carrying out the steps below. The source code ISO is not necessary for driver disk installation: it is provided to fulfill licensing obligations.

Installing as Part of a Clean XenServer Installation

  1. Once you have selected your keyboard layout at the first installer prompt, you will be presented with a welcome screen. At this point, press F9 on your keyboard, and insert the CD with the driver disk in it, or use one of the other methods such as installation over the network.

    Users should note that if installation over HTTP or FTP is to be used, the ISO image must be unpacked at that location (i.e. the installer expects to find the contents of the ISO at that network location, not the ISO itself).

  2. The installer will proceed to attempt to load the driver. If this is successful, you can continue with the installation as normal. Near the end of the installation, you will be prompted to re-insert the driver disk (otherwise known as a XenServer supplemental pack) so that the driver can be installed onto disk. You must re-supply the driver disk at this point. Failure to do so will mean that the installation will not contain the new drivers. After this step, no further action is required.

If the installer fails to load the new driver from the driver disk, it is likely to be because an earlier version of the driver has already been loaded. In general, this is because a hardware component is present that is supported by the version of the driver that ships as part of XenServer (even if another component is present that requires a newer version of the driver). To avoid the existing driver being loaded, use the following procedure.

  1. Reboot the host, leaving the XenServer installation CD-ROM in the drive.
  2. At the boot: prompt, type:

    shell

  3. You will now be presented with a command prompt. Type the following:

    rmmod bnxt_en

    If this succeeds (i.e. there are no error messages printed), the installer’s versions of the drivers have been unloaded. If error messages are presented, it is likely that other drivers depend on one or more of the drivers you are attempting to unload. If this is the case, please contact Citrix Technical Support.

  4. Type

    exit

    or press Control+D on your keyboard, to return to the installer.

  5. Use the procedure described above to provide the driver disk to the installer, which should now load correctly.

Installing the Update by using the xe Command Line Interface

Perform the following steps to install the update remotely using the xe CLI:

  1. Download the update to a known location on a computer that has XenCenter installed.
  2. Upload the update:

    xe update-upload file-name=driver-broadcom_bnxt_en-1.8.29.iso

    Note: The UUID of the update is returned when the upload completes.

  3. Apply the update:

    xe update-apply uuid=00680af4-1efd-47e1-aa51-c7ab18dd005e

  4. To complete the installation, restart the host. This ensures that the driver loads correctly.

Files

Update Files

Component Details
Filename driver-broadcom-bnxt_en-1.8.29.iso
File sha256 a12365d13689047612dc45cf8756fb1bba2bb8312610e56b4bf13f2117598551
Source Filename driver-broadcom-bnxt_en-1.8.29-sources.iso
Source File sha256 3342092f1f48e3b69003f04fce254a53220db0660fef4900f4807189938c4e9b
Zip Filename driver-broadcom-bnxt_en-1.8.29.zip
Zip File sha256 ebc49368ffa514792c3c0f98882426723b307b8e691eb9e5241b77d198375a47
Size of the Zip file 0.35 MB

RPMs Provided

RPM Name
broadcom-bnxt-en-1.8.29-1.x86_64.rpm

More Information

If you experience any difficulties, contact Citrix Technical Support.

For information on how to build driver disks, refer to Citrix XenServer ® 7.1 Supplemental Packs and the DDK Guide.

Related: