FragAttacks - RUCKUS Technical Support Response Center

This page is the primary resource for CommScope RUCKUS customers and partners to address the FragAttacks security vulnerability. This page acts as a central home for support links and content to provide more information about the vulnerability, and other technical resources to assist you with the response to the FragAttacks vulnerability.

Security Bulletin, FAQs, and Knowledge Base

  • Security Bulletin 20210511 v1.1 - RUCKUS AP Aggregation And Fragmentation Attacks Vulnerability (aka “FragAttacks”)
  • FragAttacks Vulnerability FAQs - last updated 25 May 2021:  While the FAQs contain many answers to support-related questions, and you should absolutely read them all, we've surfaced these for quick visibility:
    • Q: What if I don’t have an active Support contract with RUCKUS – will I be able to upgrade my software?

      A: Yes. You will be able to obtain the patches that are available for your platform even if you don’t have a current support contract.

    • Q: I picked up the releases you mention, but the release notes do not mention anything about the vulnerabilities. Are they really fixed?
      A: The software versions with fixes and their release notes were made available prior to the public announcements of the FragAttacks vulnerability. In accordance with standard practice, there was an embargo on the public release of information about the vulnerabilities until 11 May 2021. After 11 May 2021, the release notes will be updated to explicitly mention the FragAttacks vulnerability. If you downloaded and installed the software versions mentioned above, please be assured that the fixes are present in the code.
  • Recommendations to Protect Wi-Fi Traffic: Management, Control, and Data from Vulnerability Exploitation - KBA # 000011636 -
    last updated 11 May 2021

FragAttacks Technical Resources

FragAttacks Security Patch Release Schedules - last updated 10 January 2023

Platform Release
 Target Patch Release Date802.11ax APs
802.11ac
Wave 2 APs		802.11ac Wave 1 APs

* For R730 APs, please upgrade to SmartZone 5.2.2 or to ZoneFlex 10.4.1.
** For SmartZone and Virtual SmartZone upgrades, only the AP patch is required to apply the vulnerability fixes, not a full zone upgrade.
*** For 802.11ac wave 2 APs, both AP patches 3.6.2.0.788 and 3.6.2.0.795 contain the same fix. 3.6.2.0.795 is adding the fix for 802.11ac wave 1 APs

Please review the Release Notes on the RUCKUS Support Portal for specific release build numbers.

FragAttacks Security Patch Release Schedules for 802.11ac Wave 1 and 802.11n Access Points - last updated 15 October 2021

RUCKUS Engineering and TAC have continued to support security fixes for the 802.11ac Wave 1 and 802.11n Access Points on a best-effort basis for models which are now past their End of Maintenance (EOM) dates and End of Support  dates.

We are several years past the EOM dates for the 802.11n access points, and nearly all 802.11n access points have reached or will reach their End of Support date (four years after EOM date)* on or before 31 December 2021.  We plan to provide fixes for FragAttacks for these APs as follows:

  • 802.11ac Wave 1 Access Points fix dates were published on 5 August 2021, and will continue to be updated as fixes release
  • 802.11n Access Points will not be fixed.  This impacts the following 11n APs:  7055, 7321, 7343, 7363, 7372, 7441, 7731 series, 7762 series, 7781-CM, 7781-CM, 7782 series, 7942, 7962, 7982, R300.

Due to the increasing-age of both the 802.11ac Wave 1 APs and the 802.11n APs, RUCKUS recommends upgrading to newer Access Points. Replacement APs are detailed at https://www.commscope.com/product-type/enterprise-networking/wireless-access-points/

* Most models reached their EOM dates between 2014 and 2018, with the latest EOM date as 30 April 2020 for the 7781-CM.  More than half of the 11n APs have also reached End of Support dates by 31 January 2021 or earlier (2942, 7962, 7341, 7343, 7351, 7363, 7025, 7441, 7762-AC, 7762-S, 7762-T, 7761-CM, 7321), with most of the remaining AP models reaching End of Support on 31 December 2021 (7731, 7782, 7782-N, 7782-S, 7782-E, 7982, 7372, 7352, 7055), except the R300 (End of Support on 1 November 2022) and the 7781-CM (End of Support on 30 April 2024).

CommScope RUCKUS End of Life policy and milestone dates documentation are available at https://support.ruckuswireless.com/product_families/4-eol-ruckus-products

Wi-Fi Technology and Access Points Models- last updated 15 October 2021

Wi-Fi Technology Access Point Models
802.11ax (Wi‑Fi 6)
 H550, R550, R650, R730, R750, R850, T350 series, T750 series
802.11ac Wave 2
 C110, E510, H320, H510, M510, R320, R510, R610, R710, R720, T310 series, T610 series, T710 series, T811-CM
802.11ac Wave 1
 H500, R310, R500 series, R600, R700, T300 series, T301 series, T504
802.11n
 7025, 7055, 7321, 7341, 7343, 7351, 7352, 7363, 7372, 7441, 7731 series, 7761-CM, 7762 series, 7781-CM, 7781-CM, 7782 series, 7942, 7962, 7982, R300

RUCKUS SmartZone** and
Virtual SmartZone**		 6.0.0.0.1640 21 May 2021
 Yes
YesNo
5.2.2.0.1080 8 July 2021
 Yes
YesYes
3.6.2.0.79510 January 2023
Not Applicable*
Yes***
Yes
3.4.2.0.936 15 July 2021
 Not Applicable
YesNo
RUCKUS Cloud
21.03 (Rel Notes)Rolling updates starting 11 May 2021
Yes
Yes
TBD
RUCKUS ZoneDirector 10.4.1.0.257 11 May 2021
 Yes
YesTBD
10.2.1.0.200 17 May 2021
 Yes*
YesTBD
10.0.1.0.146
 17 May 2021
 Not ApplicableYesTBD
RUCKUS Unleashed
200.9.10.4.24311 May 2021
Yes
Yes
TBD
200.7.10.202.12718 May 2021Not ApplicableYesTBD
RUCKUS SmartZone (FIPS)** and
Virtual SmartZone (FIPS)**
 5.2.1.3.1695
 12 July 2021
 Yes
YesN/A
5.1.2.3.1232  12 July 2021
Not ApplicableYes
N/A

Additional Resources

Industry Technical Response and Communications

Academic Research

Industry Associations

Media Contacts

Only authorized CommScope spokespeople are permitted to speak to the media. Please direct any media inquires to Jocelyn Penque or Joe Depa.

Working...Please wait

This is here to prevent you from accidentally submitting twice.

The page will automatically refresh.

Alert!!

Close