Wi-Fi Exploit (Updated)
October 16, 2017 – A new vulnerability in the modern Wi-Fi encryption protocol WPA2 has been found. This security vulnerability basically affects ALL Wi-Fi installations and implementations. The issue is with the WPA2 protocol itself. The announcement was just made this morning and some manufacturers have already release firmware updates. However, many routers and access points will probably NOT be updated at all resulting in an unpatched vulnerability on affected networks. This is a very serious issue and makes it almost trivial to view unencrypted data on a Wi-Fi network. There is a published attack called KRACK which exploits this vulnerability.
Network Solutions Automation, LLC. will be reaching out to our Control4 customers to make sure they are informed about this issue. Right now, the only solution for many networks is to disable Wi-Fi access completely. This will change as more manufacturers make patches available. If the equipment in place is something that will remain unpatched, the only other solution will be equipment replacement.
For more information about this serious flaw in WPA2, please visit this link. The KRACK attack is outlined on this website.
Update: Here is a link with a list of vendors who have released a fix for this issue: https://www.windowscentral.com/vendors-who-have-patched-krack-wpa2-wi-fi-vulnerability
If you have any questions or concerns or would like to contact us about upgrading/patching your network, please contact us at 256-467-6314 or email support@nsaautomation.com.