As some of you may have heard, a weakness in the WPA2 protocol, known as KRACK or Key Reinstallation Attack, has recently been discovered. This vulnerability could give attackers access to your wireless connections and allow them to install malware on your devices. Due to the nature of this weakness, any device that uses WiFi is likely to be vulnerable to an attack. The first thing you should do to combat this is to update your WiFi client devices, such as your smartphones, tablets, and computers. To protect against KRACK, users should also install firmware updates for affected products as soon as possible. Here at Streakwave Wireless, we have compiled a list of firmware updates and known information from our vendors to assist in this process.
AmpliFi
AmpliFi has already addressed the vulnerability with their latest firmware release notes
Aruba Networks
Aruba has released patches and has made a FAQ available
Cambium Networks
Cambium has released a community post regarding the KRACK updates. Updates are expected on October 30, 2017 for the cnPilot 3-Series and November 10, 2017 for the ePMP respectively.
Cradlepoint
Cradlepoint has released a security update that includes a list of affected devices and states that an update is expected to be released on October 31st
Edimax
Edimax has released a statement saying that a security patch schedule will be released shortly.
EnGenius
EnGenius has released an advisory summarizing the vulnerability and its effects on their customers. Firmware releases will be issued in the next few days and weeks.
MikroTik
MikroTik has already released a statement on their forum stating that they already fixed versions last week so long as devices are upgraded routinely, no further action is required.
Mimosa Networks
Mimosa released a statement on their community page stating "Mimosa is actively working on a solution with our technology suppliers to fix this industry wide vulnerability, and anticipate providing a patch release for our A, B and C series products in approximately 2 weeks."
Open Mesh
CloudTrax has already sent out a firmware update as of October 17th and has stated in a bulletin that they will be updating older versions of Open Mesh software soon.
Ubiquiti Networks
Ubiquiti has released an article on their help page listing all affected devices with links to accompanying updates.
