Response: KRACK WPA2 Key Reinstallation Attack

EDIMAX statment related to vulnerabilities of the WPA2 protocol
(KRACK - Key Reinstallation Attacks)


As the WPA2 4-way handshake process vulnerability issue (hereinafter referred to as “Vulnerability”) was announced recently, EDIMAX immediately started to work directly with a variety of chipset vendors in order to find a fast and appropriate solution.
 
This Vulnerability affects WiFi client devices, WiFi repeaters, WiFi access points and routers with the IEEE 802.11r feature, and WiFi WDS mode devices. However, WiFi access points and routers that do not integrate the IEEE 802.11r feature are free from this Vulnerability.
 
Please refer to: https://www.krackattacks.com/#details for more technical information.
 
For all existing EDIMAX products please see the information below to assess the impact of this Vulnerability:
 
[A.]  EDIMAX Wi-Fi Router, Range Extender, USB NIC(SoftAP) and Access Points(WDS Mode) are impacted with WDS or repeater mode. The collaborative firmware patches to fix the vulnerability will be released and published on the Edimax website as soon as it is available.

[B.]  If your AP has the 802.11r feature turn on, it is advised to turn it off until new firmware patch is available.

[C.]  Please update, when available, the operating systems on your computer and mobile devices. Encrypted communication protocols are highly recommended (such as VPN or HTTPS), especially when delivering confidential information. Please also visit Edimax website regularly for the newest information and firmware updates.

[D.]  EDIMAX USB NIC, Access Points and IP Camera are not impacted by this Vulnerability, if the user has not configured the device into WDS or repeater mode. In case you have configured it into a WDS or repeater mode, please switch it back to an access point or router mode until EDIMAX provides the necessary patch.

[E.]  EDIMAX Switch, PLC and Ethernet NIC Card products performing as Wired and without Wi-Fi features are considered free from this Vulnerability.
 
The corresponding security patch schedule will be released shortly.
 
Should you have any questions or concerns, please feel free to contact your EDIMAX representative or email to support@edimax.us


Below listed the firmware/driver that fixed the KRACK vulnerability. 

Access Points
Model No. Photo New Firmware Download
CAP1750  v1.8.3
OAP1750  v1.8.3
WAP1200  v1.8.2
WAP1750  v1.8.3
CAP1200  v1.8.3
CAP300  v1.8.2
CAP1300 v1.8.1

Routers
Model No. Photo New Firmware Download
BR-6208AC v2  v1.03

Network Adapters
Model No. Photo New Drivers Download
EW-7722UTn v2 Windows XP/Visa/7/8.x/10 (v1.0.1.6)
Mac OSX/macOS 10.9~10.13 (v1.0.1.6)
EW-7822UTC Windows 7/8.x/10 (v1.0.0.6)
Mac OSX/macOS 10.9~10.13 (v1.0.0.6)
Linux, kernel 2.6.24~4.7 (v1.0.0.8)
EW-7822ULC Windows 7/8.x/10 (v1.0.1.4)
 Mac OSX/macOS 10.9~10.13 (v1.0.1.5)
Linux, kernel 2.6.24~4.7 (v1.0.1.6)
EW-7612UAn v2  Mac OSX 10.9~10.13 (v1.0.1.6)
EW-7611ULB Linux Wi-Fi Driver, kernel 2.6.24~4.4.3 (v1.0.0.8)
Linux Bluetooth Driver, kernel 2.6.24~4.4.3 (v1.0.0.8)
EW-7811Un Linux, kernel 2.6.18~4.4.3 (v1.0.1.9)
EW-7811 AC600 Series Linux, kernel 2.6.18~4.11 (v1.0.2.2)
EW-7822UAC Linux, kernel 2.6.24~4.7 (v1.0.3.4)
EW-7833UAC Linux, kernel 2.6.18~4.4.6 (v1.0.1.0)

IP Cameras
Model No. Photo New Firmware Download
IC-7113W  v3.10
IC-7112W v3.07
IC-3116W v3.04
IC-9110W v3.09
IC-5150W v3.10
IC-5160GC v3.08


/*** EOF ***/
Last modified:  2018-06-14  8:47 AM  US-PST