EDIMAX statement related to vulnerabilities of the WPA2 protocol
(KRACK -Key Reinstallation Attacks)
As the WPA2 4-way handshake process vulnerability issue (hereinafter referred to as “Vulnerability”) was announced recently, EDIMAX immediately started to work directly with a variety of chipset vendors in order to find a fast and appropriate solution.
This Vulnerability affects WiFi client devices, WiFi repeaters, WiFi access points and routers with the IEEE 802.11r feature, and WiFi WDS mode devices. However, WiFi access points and routers that do not integrate the IEEE 802.11r feature are free from this Vulnerability.
For all existing EDIMAX products please see the information below to assess the impact of this Vulnerability:
A.EDIMAX Wi-Fi Router, Range Extender, USB NIC(SoftAP) and Access Points(WDS Mode) are impacted with WDS or repeater mode. The collaborative firmware patches to fix the vulnerability will be released and published on the Edimax website as soon as it is available.
B.If your AP has the 802.11r feature turn on, it is advised to turn it off until new firmware patch is available.
C.Please update, when available, the operating systems on your computer and mobile devices. Encrypted communication protocols are highly recommended (such as VPN or HTTPS), especially when delivering confidential information. Please also visit Edimax website regularly for the newest information and firmware updates.
D.EDIMAX USB NIC, Access Points and IP Camera are not impacted by this Vulnerability, if the user has not configured the device into WDS or repeater mode. In case you have configured it into a WDS or repeater mode, please switch it back to an access point or router mode until EDIMAX provides the necessary patch.
E.EDIMAX Switch, PLC and Ethernet NIC Card products performing as Wired and without Wi-Fi features are considered free from this Vulnerability.
The corresponding security patch schedule will be released shortly.
Should you have any questions or concerns, please feel free to contact your EDIMAX representative or email to firstname.lastname@example.org.