CSCvg10793%20-%20Key%20Reinstallation%20attacks%20against%20WPA%20protocol%20-%204

helpdesk2017 · ‎10-20-2017

Hi,

we have a Cisco 1830 version 8.2.141.0; however, the software download is for Cisco 1850. Can I use this software for my AP?

Thank you

Leo Laohoo · ‎10-20-2017

Yes and no. No, this software is vulnerable. You can use this software as long as 802.11r is disabled.

However, this vulnerability affects anything with a wireless NIC. It's not just wireless AP but also wireless clients as well. Patching the client will fix 9 out of 10 vulnerabilities but not CVE-2017-13082. (CVE-2017-13082 will be patched on the AP side.)

Posted (above) is the scheduled release date for the software fix. Cisco has taken an unprecedented step of "honouring" owners who've purchased APs and controllers without any valid Service Contract.

Leo Laohoo · ‎10-23-2017

Software fix for the KRACK vulnerability is now available for download. They are 8.0.152.0, 8.2.164.0, 8.3.132.0 and 8.5.105.0.

Leo Laohoo · ‎10-29-2017

A quick update to anyone reading this thread and intending to upgrade to 8.3.132.0:
Cisco TAC has recommended anyone to HOLD OFF upgrading to 8.3.132.0. TAC has identified a Severity 1 bug which causes the controller to crash after upgrading to 8.3.132.0.
There are no reported issues in regards to other versions.