NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
WPA2 - KRACK / Vulnerability
Hi Netgear, I think this is really important and should be monitored closely and all the wifi users should ask the vendors to monitor an patch this. Looks like that WPA2 is about to be cracked and ...
NETGEAR is aware of the recently publicized security exploit KRACK, which takes advantage of security vulnerabilities in WPA2 (WiFi Protected Access II). NETGEAR has published fixes for multiple products and is working on fixes for others. Please follow the security advisory for updates.
NETGEAR appreciates having security concerns brought to our attention and are constantly monitoring our products to get in front of the latest threats. Being pro-active rather than re-active to emerging security issues is a fundamental belief at NETGEAR.
To protect users, NETGEAR does not publicly announce security vulnerabilities until fixes are publicly available, nor are the exact details of such vulnerabilities released. Once fixes are available, NETGEAR will announce the vulnerabilities from NETGEAR Product Security web page.
Hey ood point ... Indeed looks to be on the client side but we need to remember that on a Mesh network the satelite is also a client of the main router or other satelities .
Sniffing the traffic from the satelite to the router would have all the connections of the connected devices and backhaul communication .... so you would be able to sniff the network traffic just like an old network HUB.
I would love to hear from Netgear on this and if they managed to test this attack surface.
I _think_ the Orbi backhaul traffic is double-encrypted, both with WPA2 on-the-wire and a second layer of encryption at the layer 7 level between the devices, which would make a MITM attack fruitless (if inconvenient, because it would obviously break comms between the satellite and router).
It would be nice to hear an official position from Netgear.