WPA2 is the “secure” implementation option used by the vast majority of enterprise WiFi systems – other protocols have their own security issues, which is why everyone moved to WPA2. Unfortunately, researches have found a way to break that security.

The good news is, for most attacks the attacker has to be on the same access point for this to work, and this is a vulnerability that can be patched.  The bad news is, not every manufacturer has a patch out yet, and it’s not just WiFi routers that need to be patched – all the mobile devices that connect to WiFi (smart phones, laptops, tablets, etc.) will also need to be patched, to protect them if they connect later to a vulnerable system outside your environment.

CERT has this page up with a running list of affected products and links to their information pages.  This list is not comprehensive: if you don’t see your products listed, reach out directly to the vendor/manufacturer.

 

About the Global Privacy & Security Blog

Learn More

Contracts, laws and regulations require privacy compliance, and good business practices demand it. This blog is designed to inform our clients and readers about developing privacy issues and regulatory updates, and provide alerts on cyber security stories and data breaches that impact various data privacy and security requirements.