
As many people have read or will soon read, there is a vulnerability in the WPA2 wireless protocol called Krack that could allow attackers to eavesdrop on wireless connections and inject data into the wireless stream in order to install malware or modify web pages.
To protect users, many WiFi product vendors will be releasing updated firmware and drivers for their products. It is strongly suggested that users update their hardware as soon as an update is available. This includes router firmware and wireless network card drivers.
To help with this, I have created a list of known information regarding various WiFi vendors and whether new drivers are available. As this vulnerability is fairly new, there is little information available, so I advise you to check this page throughout the coming days to see if new information is available. This page includes information gathered by contacting vendors, from CERT's informative page, and from other sources.
Last Updated: 10/20/17 14:35 EST
Companies with available information:
ADTRAN
ADTRAN posted in their forums that they are performing an investigation and will send out a security notice to all signed up users with details. A security advisory was sent out on 10/18/17 to customers that basically reiterates the same information.
Aerohive Networks
Aerohive has released an advisory explaining under what circumstances their products are vulnerable to KRACK. They also included information on what HiveOS upgrades mitigate this attack.
Arch Linux
Arch has pushed out updates for wpa_supplicant and hostapd. Patches can be found here and here.
Amazon
An Amazon Spokesperson responded to our inquiry with "We are in the process of reviewing which of our devices may contain this vulnerability and will be issuing patches where needed.".
Apple
Today, October 31st, Apple has released updates for all of their core operating systems that included fixes for the KRACK vulns.
Aruba Networks
Patch information can be found here & here. A FAQ was posted as well.
Arris
An Arris spokesperson told BleepingComputer:
ARRIS is committed to the security of our devices and safeguarding the millions of subscribers who use them. The KRACK flaw affects the WPA2 protocol itself and is not specific to any device or manufacturer. There is no current evidence of malicious exploits.
ARRIS is evaluating our full Wi-Fi portfolio and will release any required firmware updates as quickly as possible.
Asus
Asus has released information (see bottom of the page) and is working with chipset suppliers to patch the vulns. It will release an update as soon as it's ready.
AVM
AVM has an advisory posted regarding the KRACK vuln. According to AVM, "FRITZ!Boxes on broadband connections are currently not affected by the wireless security breach known as "Krack", as such access points do not use the affected 802.11r standard." They also do not seem to be happy with the way the disclosure was handled.
Barracuda Networks
Barracuda posted an advisory that lists affected products and contains links on hotfixes to resolve the KRACK vulns.
Belkin, Linksys, and Wemo
BleepingComputer received a response from Belkin that states:
"Belkin, Linksys, and Wemo are aware of the WPA vulnerability. Our security teams are verifying details and we will advise accordingly. Also know that we are committed to putting the customer first and are planning to post instructions on our security advisory page on what customers can do to update their products, if and when required."
Cisco
Cisco has released an advisory that discusses the vulnerability in relation to their product and a list of products that are vulnerable. Cisco has stated that IOS and driver updates are being developed and will be released. Cisco product users are advised to check the advisory often for future updates.
DD-WRT
A beta version of DD-WRT is on their FTP Site. At the time of this writing, the latest firmware is in a folder named 10-17-2017-r33525.
Debian
Debian posted an advisory to the Debian Security Announce mailing list with information on updates that resolve the Krack vulnerability.
Dell
Dell has posted an advisory that lists all products that are NOT affected by the KRACK vulns. More information about affected products will be added to the advisory soon.
D-Link
D-Link has posted an advisory stating that they are waiting for patches from the chipset manufacturers. They further accurately state that "For consumers users, your priority should be updating devices such as laptops and smartphones.".
DrayTek
DrayTek has posted an advisory detailing what products are affected by KRACK and stating that updates will be available next week.
Edimax
Edimax posted an advisory stating:
This vulnerability will require collaborative firmware patches from relevant manufacturers. Edimax is requesting assistance from them and is working diligently for the firmware fix. It will be published on Edimax website as soon as it becomes available.
eero
eero released an advisory that states that they have rolled out eeroOS version 3.5, which mitigates the KRACK vulns.
EnGenius
EnGenius has posted an advisory with some information about the attack. I was told by an EnGenius spokesperson that they are "working on security patches and will release updates to its firmware by the end of October".
Espressif
Espressif has released updates for ESP-IDF, ESP8266 RTOS SDK, & ESP8266 NONOS SDK on their GitHub page.
Extreme Networks
Extreme Networks released an advisory and stated hotfixes for the KRACK vulns will be released starting on October 20th.
F5 Networks
According to a released advisory, F5 Networks products are not affected by KRACK.
Fedora
Fedora has a Fedora 25 update available for testing. The Fedora 26 and Fedora 27 updates are pending to be added to the Stable release.
FreeBSD
According to CERT, FreeBSD is aware of the vulnerability and users should either join their FreeBSD-Announce mailing list or monitor their Security Information page.
Fortinet
According to this document, the FortiAP 5.6.1 release fixed the KRACK vulns.
Google
Android 6.0 and higher are currently vulnerable to this attack. When BleepingComputer contacted Google, their statement was "We're aware of the issue, and we will be patching any affected devices in the coming weeks". No information is available as of yet regarding Google WiFi.
Intel
Intel has released an advisory, which includes links to updated drivers.
Kisslink
Kisslink has told BleepingComputer that their products are protected via their Promximity technology and thus are not using WPA2 or affected by its bugs.
Lede
Updated packages for hostapd-common - 2016-12-19-ad02e79d-5, wpad - 2016-12-19-ad02e79d-5, and wpad-mini - 2016-12-19-ad02e79d-5 are available on LEDE. You can check for update availability via the opkg list-upgradable command and upgrade using the opkg update command.
Update 10/18/17: LEDE released the 17.01.4 service release to resolve the KRACK bugs and other issues.
LineageOS
LineageOS has had patches merged to prevent the KRACK vulns.
Linux
According to the vulnerability release, "Our attack is especially catastrophic against version 2.4 and above of wpa_supplicant, a Wi-Fi client commonly used on Linux.". Patches can be found here.
Meraki
Updates have been released for Cisco Meraki that resolve the KRACK vuln. More info can be found in this advisory: 802.11r Vulnerability (CVE: 2017-13082) FAQ.
Microchip Technology
Microchip has posted an advisory with available updates.
Microsoft
Microsoft quietly fixed the KRACK vulns in the October 10th Patch Tuesday.
MikroTik
According to MikroTik: "RouterOS v6.39.3, v6.40.4, v6.41rc are not affected! AP mode devices are not affected. All implemented fixes refer only to station and WDS modes.". They further stated that firmware versions were released last week to fix this vulnerability.
Netgear
Netgear has released an advisory that contains a list of products affected by KRACK and associated updates.
Nest
Stated that patches will be rolled out next week. These will autoupdate and will not require user intervention.

OpenBSD
OpenBSD was provided a patch that was used to silently update and fix this vulnerability. More information can be read here and here.
Open-Mesh & CloudTrax
An advisory was posted for Open-Mesh & CloudTrax regarding the Krack vuln. An update is expected to be delivered to all of those that use automatic updates by the end of October 17th. More info at the advisory.
Peplink
Peplink has issued an advisory stating that users of the Wi-Fi as WAN functionality are vulnerable to this attack. To temporarily fix this issue, users can disable this feature and wait for an updated firmware to be released.
pfSense
pfSense, which is based off of FreeBSD, has opened an issue to import FreeBSD's fix.
Qualcomm
A Qualcomm spokesperson has told BleepingComputer:
"Providing technologies that support robust security and privacy is a priority for Qualcomm Technologies, Inc. (QTI). We have been working with industry partners to identify and address all implementations of the open source security issue involving WPA packet number reuse within Qualcomm-powered products. Patches for these issues are available now on the Code Aurora Forum and through other distribution channels, with additional patches posted as soon as they are verified through our quality assurance process"
Red Hat
Red Hat has generated an advisory regarding the vulnerability in wpa_supplicant. No further information available.
Raspberry Pi
As this uses wpa_supplicant, you need to update to the latest packages. Use sudo apt update followed by sudo apt upgrade to install a patched wpa_supplicant.
Ruckus Wireless
Ruckus Wireless has posted a security advisory that states that disabling 802.11r will mitigate CVE-2017-13082. Security patches for affected devices will be released as soon as they become available.
Sierra Wireless
Sierra Wireless posted a technical bulletin on affected products and remediation plans. Link from CERT.
Sonicwall
Sonicwall has released an advisory that states that they are not vulnerable:
SonicWall Capture Labs has evaluated these vulnerabilities and determined that our SonicPoint and SonicWave wireless access points, as well as our TZ and SOHO Wireless firewalls, are not vulnerable to the flaws in WPA2.
SonicWall is working on a solution to provide an additional layer of protection for SonicWall customers that will block these man-in-the-middle attacks even from vulnerable unpatched clients. This will be delivered in a future SonicOS update.
Sophos
Sophos has released an advisory stating that the Sophos UTM Wireless, Sophos Firewall Wireless, Sophos Central Wireless, and Cyberoam Wireless products are affected by the Krack vulnerability. Updates for these products will be released soon.
Synology
Synology posted an advisory that indicates Synology DiskStation Manager (DSM) with attached WiFi dongle and Synology Router Manager (SRM) are vulnerable to Krack. According to Synology, updates for affected products will be released soon.
Tanaza
Tanaza has reached out to BleepingComputer to advise that their v2.15.2 firmware contains a patch for KRACK.
Toshiba
According to CERT, Toshiba's SureMark 4610 Printer (Models 1NR, 2CR, 2NR) with Wireless Lan Adapter & Canvio AeroMobile Wireless SSD product are affected. Toshiba will be contacting owners and business partners directly in regards to the printer and a firmware update will be released for the wireless SSD card.
TP-Link
When I contacted TP-Link tech support, I was told "Our seniors are keeping an eye on this issue. Currently we haven't received any feedback that TP-Link product is affected by that. We will offer an update on our official website once we have any new info."
On October 18, TP-Link issued the following statement with details on affected products.
Turris Omnia
Turris, which uses OpenWRT, posted in their forums that a patch was added to their repository and that they are going to test it and release a fix. Hopefully, this will lead to OpenWRT releasing an update soon as well.
Ubiquiti (UniFi, AmpliFi, airMax)
Ubiquiti have posted an advisory that provides details on what UniFi, AmpliFi, and airMax products are affected by the KRACK vulnerability. This advisory also provides links to the updates that resolve this attack.
It should be noted that the 802.11r (Fast Roaming) beta feature is still vulnerable and it is advised that it be disabled until a future update resolves the issue.
Ubuntu
Ubuntu has released an advisory with information on how to update wpa_supplicant and hostapd in order to resolve this vulnerability.
WatchGuard
WatchGuard has issued an advisory outlining when updates are going to be available for their various products and services.
WiFi Alliance Announcement
The WiFi Alliance released an announcement regarding the KRACK vulns, what products are affected, and how to mitigate the issues.
Xirrus/Riverbed
Xirrus/Riverbed have posted an advisory. A new version of Xirrus AOS will be released by October 30th 2017.
Zyxel
Zyxel has created a page that details what products are affected. While they are working to fix the vulnerability, there are no updated drivers and firmware available.
Companies claimed to be not affected by Krack:
Arista Networks, Inc.
Lenovo
VMware
Companies with no available information:
3com Inc
Actiontec
Alcatel-Lucent
AsusTek Computer Inc.
Atheros Communications, Inc.
Broadcom
CentOS
EMC Corporation
Extreme Networks
F5 Networks, Inc.
Foundry Brocade
Hewlett Packard Enterprise
IBM, INC.
Kyocera Communications
Marvell Semiconductor
MediaTek

Comments
MystikIncarnate - 6 years ago
Seems like you're missing enGenius/Senao Networks; here is their press page:
https://www.engeniustech.com/press-releases.html
Lawrence Abrams - 6 years ago
Thanks. I have already reached out to EnGenius and will update the article with their reply.
MystikIncarnate - 6 years ago
I appreciate it. Thanks.
Occasional - 6 years ago
In trying to find more info on DD-WRT patching, found this today's forum:
"- According to the researchers, the newly discovered attack works against:
Both WPA1 and WPA2,
Personal and enterprise networks,
Ciphers WPA-TKIP, AES-CCMP, and GCMP
In short, if your device supports WiFi, it is most likely affected. During their initial research, the researchers discovered that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by the KRACK attacks -"
Was going to ask if Enterprise/Radius was worth the hassle to avoid this type of vulnerability; but that's a moot point.
Same forum also has:
"- Look here: ftp://ftp.dd-wrt.com/betas/2017/
Anything newer than 10/10/2017 should contain the fix.
Then you have to find the folder for your device. -"
Haven't gotten to that betas link yet - but response shows how effective community based support can be.
Occasional - 6 years ago
Reply-to-P.S.
As of 4:30 PM today nothing newer than 10/10/2017 from the DD-WRT link above.
[Side note - kept hitting the link from Edge, without getting through. Tried with IE, got through on first try]
KnightmareX13 - 6 years ago
Anyone heard anything from Edimax? Haven't seen them listed anywhere
Lawrence Abrams - 6 years ago
Will reach out and see if I can get an update.
ke3bz - 6 years ago
From Sophos:
https://community.sophos.com/kb/en-us/127658
Sophos products affected:
Sophos UTM Wireless
Sophos Firewall Wireless
Sophos Central Wireless
Cyberoam Wireless
Protections offered by Sophos products:
Development is working on fixes for all affected products.
Lawrence Abrams - 6 years ago
Thank you. Added
WhyYouLoveMe - 6 years ago
I haven't been able to find any advisories from Dell or SonicWall.
wewert - 6 years ago
Are game console manufacturers within the scope of this list? Real curious if the hardware made by Nintendo, Sony and Microsoft is affected by this vulnerability, they all use WiFi.
Anyone heard anything from these companies?
Occasional - 6 years ago
My reading is yes: if it's Wi-Fi and uses WPA2, it's vulnerable (unless already patched). Not a game console person, so don't know which ones have Ethernet, and ability to stop Wi-Fi; but that's what I'd try until you have a fix. - LA's article does say that MS included fix in last week's Patch Tuesday (so I guess your Xbox is Ok, if you did the update). Waiting for word from others.
Ghamit - 6 years ago
What about Ruckus?
gnz - 6 years ago
Nothing about Chinese manufacturers like ZTE, Foxconn or Huawei seems weird. Especially the last one, because a member of the research team who works there, and maybe even worse for Foxconn (or HonHai as it sometimes appears on OUI lists) as it's an OEM brand for other more visible manufacturers (wireless cards on desktop/laptops especially)
Lawrence Abrams - 6 years ago
Reached out to them, but no replies yet unfortunately.
Ghamit - 6 years ago
Just found this on Ruckus site.
https://ruckus-support.s3.amazonaws.com/private/documents/2040/faq-security-advisory-id-101617-v1.0.pdf?AWSAccessKeyId=AKIAJM3QLNNKLOV235TQ&Expires=1508246875&Signature=T77wuKyH4PyENGz7td2sNG57Kc8%3D
Pallidin - 6 years ago
Salient points from Ruckus' release:
a) Impact of CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081: Ruckus APs are not exposed to these vulnerabilities unless deployed in Mesh or Point-to-Point topologies.
b) Impact of CVE-2017-13082: Ruckus APs are not exposed to this vulnerability unless 802.11r is enabled.
c) Impact of CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088: Ruckus APs are not exposed to these vulnerabilities.
Occasional - 6 years ago
Has anyone figured out if both host and client sides of the WPA2 handshake have to be unpatched for a successful krack attack; or it's the case that if either the client or the host is patched, that connection is secure? That would make a big difference.
Steltek - 6 years ago
If either side is not patched, they are vulnerable. You can't just patch the AP and then expect a vulnerable client to be safe. (In a normal Access Point situation, the attack can only be performed on the client, however some advanced AP features may allow exploitation on that side.)
Occasional - 6 years ago
Yes, Thanks -that's what I've been seeing today. Not my area, so relying on what seems to make sense.
Also see some comments that suggest the router role is a factor: "Yeah, my understanding is that the vulnerability only affects a router operating in client/repeater mode. If it is just a straight AP then the patch is pretty useless." (from DD-WRT forum).
Another post said "WPA2 is still the best we have, and if you're using AES, it's "just" a lack of confidentiality in that some packets can be decrypted. " If true, AES use will allow "Peeks" but not "Pokes" - something, anyway.
Petes21 - 6 years ago
Any idea about the Technicolor tc7300 router, many cable companies use that brand. How can I tell if the router has been patched?
Lawrence Abrams - 6 years ago
I reached out to them but have not heard back
GT500 - 6 years ago
I haven't been able to find any information about this attack and Tomato by Shibby router firmware. Hopefully he can get a patch out as well, but he's got a ton of firmwares to patch.
GT500 - 6 years ago
So far all I can find Tomato by Shibby related is people asking about the issue and asking for a patch, and no official response yet:
http://www.linksysinfo.org/index.php?threads/tomato-shibbys-releases.33858/page-80#post-291559
uslacker99 - 5 years ago
You can see that it's on his list here:
https://bitbucket.org/pl_shibby/tomato-arm/issues/184/apparently-wpa2-protocol-is-vulnerable-to
There's also a donate link on his website: http://tomato.groov.pl/
That might motivate him a little! My guess is that he's got a day job too.
GT500 - 5 years ago
Thanks for the link. Hopefully he will be able to find some time to at least look in to the security issues that have been reported recently. I have yet to hear any confirmed report that this KRACK attack affects Tomato by Shibby firmware.
archiemac - 6 years ago
Draytek says its routers aren't affected when they are being used as wifi bases, and that no firmware update is required. (They are affected if used as relays/access points). Anyone heard otherwise?
felubra - 6 years ago
D-link has released an advisory here: http://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10075
Lawrence Abrams - 6 years ago
Thanks. Added to the list and reached out to any other reported vendors.
Steltek - 6 years ago
LEDE fix is in these packages:
hostapd-common - 2016-12-19-ad02e79d-5
wpad - 2016-12-19-ad02e79d-5
wpad-mini - 2016-12-19-ad02e79d-5
Run an 'opkg update' and check 'opkg list-upgradable' for their availability. (Packages may not yet be available for all architectures.)
For Ubiquiti Networks: It should be noted that 802.11r (fast roaming) is not fixed yet. The 3.9.3 firmware only fixes the STA mode (wireless uplink client) of the APs. Ubiquiti recommends disabling 'fast roaming' for now.
hal_9000 - 6 years ago
Hi,
it would be nice if you could add AVM https://en.avm.de/ here, they are at least a big player in Germany.
ukwiz - 6 years ago
According to my ISP AVM have said that it is not really a problem
ukwiz - 6 years ago
And from AVM themselves:
Today (October 17), we can tell that FRITZ!Boxes on broadband connections are currently not affected by the wireless security breach known as "Krack", as such access points do not use the affected 802.11r standard. A possible, theoretical Krack attack targets the wireless connection of a client connecting to the wireless LAN.
Please find our complete statement on the current analysis of the "Krack" security breach so far and the possible effects on AVM products by clicking on the following link:
https://en.avm.de/news/short-notes/2017/wpa2-flaw-fritzbox-on-broadband-connections-are-secure/
Occasional - 6 years ago
DD-WRT has new patched update: ftp://ftp.dd-wrt.com/betas/2017
Bottom of list, with today's date.
MatlockQC - 6 years ago
Synology update is out. #patched
jhalpin64 - 6 years ago
Will someone post here once anyone hears anything from LinkSys please.
WhyYouLoveMe - 6 years ago
LinkSys is included in the Belkin response.
Lawrence Abrams - 6 years ago
What's above is from Belkin. No update as of yet.
ddeerrff - 6 years ago
On another forum I follow, someone asked about Technicolor. Modem/router used around here by Spectrum Cable.
Cyber-Defender - 6 years ago
SonicWall is NOT Vulnerable
https://www.sonicwall.com/en-us/support/knowledge-base/171016141435924
f00barbob - 6 years ago
AT&T has a large number of Pace routers in operation, namely 5268ac and 4111n ... probably worth mentioning, if anyone has any data on these. Not actually sure if that's relevant to this list, as those would tend to be automagically updated by AT&T.
bad_packets - 6 years ago
Arris needs to be added. Per ZDNet:
Arris: a spokesperson said the company is "committed to the security of our devices and safeguarding the millions of subscribers who use them," and is "evaluating" its portfolio. The company did not say when it will release any patches.
ikkerus - 6 years ago
The world community has created also a list with more vendors, please share: https://github.com/kristate/krackinfo
gnz - 6 years ago
TP-Link just updated their answer http://www.tp-link.com/en/faq-1970.html
This time, a little more comprehensive list, explanations and suggestions
sudo_shinji - 6 years ago
Here is my official response from Sonicwall, I don't know whether I trust this claim or not but it's what they are saying.
"SonicWall Capture Labs has evaluated these vulnerabilities and determined that our SonicPoint and SonicWave wireless access points, as well as our TZ and SOHO Wireless firewalls, are not vulnerable to the flaws in WPA2.
SonicWall is working on a solution to provide an additional layer of protection for SonicWall customers that will block these man-in-the-middle attacks even from vulnerable unpatched clients. This will be delivered in a future SonicOS update. "
Occasional - 5 years ago
Doesn't sound like they are blowing smoke; so I'd feel fairly confident. But then, have you ever felt 100% secure with Wi-Fi?
I do like that they say they are working on added layer to protect against a category of attacks (not just this instance), and that it will cover unpatched clients (block them, if nothing else). I'm sure others will too, until the Wi-Fi Alliance comes up with a comprehensive fix.
Not an expert, and working my way through what combinations create the risk - but unpatched devices on either host or client will keep this problem alive for long after vendors for both sides make updates available. Wouldn't want to guess how many devices are never patched/updated.
andrebrait - 5 years ago
LEDE just released version 17.01.4 with the required fixes plus a new workaround to deal with unpatched clients as well.
MV10 - 5 years ago
Is the vulnerability really a problem for WiFi clients or only routers and other APs?
Any word from auto manufacturers? Over the past few years lots of vehicles offer WiFi APs...
dwilkins - 5 years ago
Anyone have information on Samsung wifi enabled TV's? Many lobbies and conference rooms have them.
Occasional - 5 years ago
Just a thought: if it's not already, register smart devices online, and include an email address (check box for notices, updates..., if an option). I've talked to people who have gotten firmware updates for this problem that way.
MrMegaZone - 5 years ago
An update - F5 Networks is Not Vulnerable: https://support.f5.com/csp/article/K23642330
bad_packets - 5 years ago
ASUS has posted their response: https://www.asus.com/Static_WebPage/ASUS-Product-Security-Advisory/
rithemking - 5 years ago
Heard anything from Barnes and Noble regarding their Nook line? I can't even get a response that isn't a copy/paste answer to questions I didn't ask.
Joe_BubbA - 5 years ago
ASUS has new firmware now. At least for the RT-AC66U.