Security researchers have recently published a wireless exploit titled “Key Reinstallation Attacks” (abbreviated as KRACK), indicating users of any wireless device currently face a severe security risk.
This vulnerability affects any device that uses the Wireless Protected Access 2 (WPA2) security mechanism. WPA2 is currently the industry’s most popular and recommended security standard for 802.11 wireless networks.
In some cases, this vulnerability may allow an attacker to manipulate data on a Wi-Fi network, or inject new data. This means hackers could steal user passwords and financial data, or even manipulate commands to wire money to themselves.
Please note: an attacker needs to be physically in range of a target Wi-Fi network to carry out the attacks.
To prevent possible attacks, you must update affected devices as soon as security updates become available.
To reiterate, every Wi-Fi device is affected by this vulnerability. This includes end-user devices such as smartphones, tablets, and laptops; as well as IoT products like smart thermostats, fridges, locks, etc.
SnapAV Affected Products
Below are affected SnapAV products and what we are doing to fix the problem.
Araknis Networks – Wireless Access Points
We are currently working on a firmware update, which will be available on SnapAV’s website, as well as OvrC. If you have claimed the access points on OvrC, the fix will be available as a firmware update, which can be applied to all customers remotely.
If you do NOT have their access points claimed on OvrC, you need to either
- Claim them on OvrC, or
- Download the update file from our Support page and remotely log in to the local UI of the access points and apply the firmware update. This can be done via remote port forwarding or VPN access to the site.
Autonomic – 1e Music Streamer
We are currently working on a firmware update, which will be available on SnapAV’s website.
Next Steps for You
As mentioned above, we are currently working on a fix for all SnapAV Wi-Fi products. Please be on the lookout for further communications in the coming weeks as one is tested and validated.
In the meantime, you can take the following steps to help reduce your customers’ risk when using Araknis access points:
- Disable Fast Roaming
- Keep access point in Access Point Mode (NOT Repeater Mode)
What to Tell Your Customers
If customers inquire about the KRACK wireless exploit, remind them that it affects their mobile devices and IoT devices on any network they connect to. They should use wireless networks with caution until each device manufacturer issues an update and it has been applied.
Therefore, they should take these defensive steps:
- Update their personal devices to latest firmware as soon as it becomes available.
- Make sure their frequently visited sites (e.g. Facebook) and financial services websites (e.g. banks) show a lock on the browser tab to indicate a secure connection.
- Be aware of who is using their Wi-Fi network since any potential attack must be issued within physical range of the network.
Further Information
If you have any questions or concerns, please contact Customer Support at 866-424-4489.
Leave A Reply!