Gonna be a long day for anybody with CPE that does WPA2..

Looks like WPA2 may have just become the new WEP.

And it looks like we're all going to be reflashing a lot of devices.

"The proof-of-concept exploit is called KRACK, short for Key Reinstallation
Attacks. The research has been a closely guarded secret for weeks ahead of a
coordinated disclosure that's scheduled for 8 a.m. Monday, east coast time. An
advisory the US CERT recently distributed to about 100 organizations described
the research this way:

"US-CERT has become aware of several key management vulnerabilities in the
4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The
impact of exploiting these vulnerabilities includes decryption, packet replay,
TCP connection hijacking, HTTP content injection, and others. Note that as
protocol-level issues, most or all correct implementations of the standard will
be affected. The CERT/CC and the reporting researcher KU Leuven, will be
publicly disclosing these vulnerabilities on 16 October 2017."


Dear all,

Website with logo: https://www.krackattacks.com/

Paper with background info: https://papers.mathyvanhoef.com/ccs2017.pdf

Kind regards,


I see here that MikroTik has patched this about a week ago: https://forum.mikrotik.com/viewtopic.php?f=21&t=126695

Any word on other vendor's response to this?


Aruba: http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt

-- Jim Gogan / UNC-Chapel Hill


Any word on other vendor's response to this?

Aruba - http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007_FAQ_Rev-1.pdf

https://github.com/kristate/krackinfo has a nice overview of various
vendors and their statuses, including links to their responses.

Best regards,

Based on my reading this morning many (but not all) of the attacks are
against _clients_ with no way to migitate by simply upgrading AP's.

Sure, Windows, Mac, Linux...but also Android and iOS...and that "smart"
TV, the streaming stick plugged into it, the nanny cam, etc, etc, etc.


Ubiquiti already has it patched in UniFi firmware release 3.9.3 (see forums for more detail, or I'll be doing a sticky post in /r/ubiquiti later). 3.8.15 for Broadcom based APs like the first gen UAP-AC and ACv2 should be soon from what I read.

Don't know about Airmax yet though.

So, any bets on the likelihood of consumer gear getting fixes or are we pretty much only expecting prosumer and higher to actually get fixed?

Cisco's PSIRT:

Some fixes appear to be available, or will be soon.