• Menu
  • Product
  • Email
  • PDF
  • Order now
  • WiLink WL18xx PN Reuse Issue

    • SWRA788 august   2023 WL1801 , WL1801MOD , WL1805MOD , WL1807MOD , WL1831 , WL1831MOD , WL1835MOD , WL1837MOD

       

  • CONTENTS
  • SEARCH
  • WiLink WL18xx PN Reuse Issue
  1.   1
  2.   Summary
  3.   Vulnerability
  4. IMPORTANT NOTICE
search No matches found.
  • Full reading width
    • Full reading width
    • Comfortable reading width
    • Expanded reading width
  • Card for each section
  • Card with all content

 

PSIRT Notification

WiLink WL18xx PN Reuse Issue

Summary

In certain cases, the PN used by the WL18xx firmware when transmitting packets can increment beyond the PN stored by the host-side driver for WL18xx. The host-side PN value is used to recover the system if a reset is required. If a device recovery is triggered, the PN will be restored by the value saved in the host, which can cause the WL18xx device to repeat PN numbers in subsequent transmitted packets without changing keys.

Vulnerability

TI PSIRT ID

TI-PSIRT-2021-100120

CVE ID

WiLink WL18xx PN reuse issue

CVSS Score: 5.7

CVSS Vector:

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

  • WL1801, WL1831
  • WL1801MOD, WL1831MOD, WL1805MOD, WL1835MOD, WL1807MOD, WL1837MOD

Potentially Impacted Features

The reuse of PN numbers can appear as a replay attack to a connected AP, which can respond by dropping incoming packets. This can lead to a period during which a WL18xx station can experience a denial of service.

Suggested Mitigations

The following updates have been released to fix this vulnerability:

  • Wl18xx_fw v8.9.1.0.0
  • R8.8 wlcore patch: 0023-wlcore-Fixing-PN-drift-on-encrypted-link-after-recov.patch

Products based on the WL18xx NLCP Driver can be updated with the firmware version v8.9.1.0.0 and apply the wlcore patch to fix this issue.

NOTE: Both the firmware and the driver updates must be applied together for the system to work properly and to fix the issue. Updating the firmware without applying the latest driver can cause the driver to fail during initialization.

 

Texas Instruments

© Copyright 1995-2025 Texas Instruments Incorporated. All rights reserved.
Submit documentation feedback | IMPORTANT NOTICE | Trademarks | Privacy policy | Cookie policy | Terms of use | Terms of sale