Has anyone tested it yet with CZ.NIC hardware?
2 Likes
Hi @viktor,
Thank you for bringing attention to such an issue.
We are investigating this with the highest priority. While looking into more details, I see that the Turris Omnia router should be affected. Unfortunately as far as I know nobody reached us from ESET before publishing the article. 
Also if anyone finds anything security-related, we have a dedicated email address for such issues.
When there is anything more, we will let you know.
2 Likes
Eset’s yesterday blog post says that Omnia is vulnerable:
The devices we tested and found to have been vulnerable are the D-Link DCH-G020 Smart Home Hub and the Turris Omnia wireless router.
(For clarification; it wasn’t clear to me from the above posts.)
If Eset know it, he should have told you in advance! This is unforgivable, especially when it comes to brothers from Slovakia.
1 Like
ESET is reporting that as know vulnerability for Qualcomm chipset: CVE-2020-3702
https://www.qualcomm.com/company/product-security/bulletins/august-2020-security-bulletin
It was initially reported on 03/03/2020.
Few days ago extend vulnerability to further vendors and released proof-of-concept of exploit.
Hello guys,
We sent several emails to ESET, but so far, we don’t have any luck. @Leonardo posted here Qualcomm bulletin, where you can see affected chipsets for CVE-2020-3702, but by default, we are not using any listed chipsets there. Turris Omnia comes preinstalled with two Wi-Fi cards:
- Compex WLE900VX (chipset Qualcomm QCA9880)
- Compex WLE200N2 (chipset Atheros AR9287)
We are seeking more details about cryptographic issues together with our Wi-Fi card supplier - Compex and we got in touch with Qualcomm to get more details.
Stay tuned for updates!
5 Likes
Any news with this possible issue?
1 Like