October 17, 2017
Updated on December 18, 2017
Toshiba Memory Corporation is informing our valued customers of a potential WPA2 wireless LAN protocol vulnerability with the Toshiba Memory FlashAir™ ("Product") has been identified. This vulnerability is related to the generation and management of key information which is utilized for encrypting data. With this vulnerability there exists a possibility that the data transmitted between the Product and wireless LAN devices such as smartphone can be compromised.
FlashAir™ W-04 ("Software Update Affected Product") needs to be updated to correct this issue. Please update the software of your Software Update Affected Product using the "FlashAir™ W-04 Software Update Tool".
We also ask customers to check this vulnerability of the Wi-Fi device connected to FlashAir™ ("Device") prior to connecting to the FlashAir™ W-03, FlashAir™ W-02 and FlashAir™ Class6, as well as the Software Update Affected Product whether it is updated or not . About the vulnerability of the Devices, please contact to Devices’ customer and/or technical support.
If you have any questions about this vulnerability of the Product, please contact the technical support representative and we will be happy to support you. For information regarding how to reach the technical support representative, please visit https://www3.toshiba.co.jp/semicon/contact_e/cgi-bin/q_form.cgi.
|Software Update Affected Product||Model||Capacity Label||Software Version|
|SDHC/SDXC Memory Card
with embedded wireless LAN functionality FlashAir™ W-04
|SD-UWA064G||64GB||V4.00.01 or earlier|
Toshiba Memory Corporation as found a vulnerability of the WPA2 protocol used for wireless LAN encryption. This vulnerability is related to the generation and management of key information that encrypts the data transmitted.
There exists the possibility that data transmitted between the FlashAir™ W-04 and a wireless device may be compromised.
Please update the software of your Software Update Affected Product using the "FlashAir™ W-04 Software Update Tool" below.
This security vulnerability is modified in the software V4.00.02.
* WPA2 is a trademark of Wi-Fi Alliance.
* Android is a trademark of Google Inc.
* All other company names, product names, and service names may be trademarks of their respective companies.
A new window will open.