Product Notice: Investigating the KRACK Attack

On Monday, a critical vulnerability in the WPA2 wireless security protocol was published by Dutch researchers. KRACKs — or key reinstallation attacks — can theoretically be deployed by attackers to steal sensitive information from unsuspecting wireless users leveraging flaws in the Wi-Fi standard.

The SonicWall Capture Labs investigated the WPA2 vulnerabilities and found the following:

• SonicPoint and SonicWave wireless access points, as well as SonicWall TZ and SOHO wireless firewalls, are not vulnerable to KRACK attacks.
• No updates are needed for SonicWall wireless access points or firewalls with integrated wireless.
• Attackers must be in physical proximity to the wireless client or access point to execute a KRACK-based man-in-the-middle (MITM) attack.

According to our records, none of the SonicWall appliances you own have wireless capabilities or employ the WPA2 security protocol. No firmware updates are required. 

However, for guidance on how to minimize the risk presented by vulnerabilities via wireless clients from other vendors, please read “Are There KRACKs in Your Wireless Network Security?” which will be continually updated. 

Should you have further questions or need assistance, please contact your preferred SonicWall reseller or SonicWall support.