cancel
Showing results for 
Search instead for 
Did you mean: 

New WIFI WPA2 vulnerability -- modem updates coming?

GKToronto
I've Been Here Awhile

Today, a widespread vulnerability in the WIFI WPA2 protocol was disclosed by researchers, see:

 

http://www.zdnet.com/article/wpa2-security-flaw-lets-hackers-attack-almost-any-wifi-device/

https://www.krackattacks.com

 

Will the devices offered by Rogers (I'm most concerned about the Hitron CODA-4582 used for Gigabit Internet) have updated firmware pushed soon, to fix things?

 

***EDITED LABELS***

24 REPLIES 24

Re: New WIFI WPA2 vulnerability -- modem updates coming?

ScubaMan2017
I've Been Here Awhile
Thank you Dave! As a Roger's customer, I appreciated your DETAILED response to the forum.

Re: New WIFI WPA2 vulnerability -- modem updates coming?

BS
I'm a Senior Advisor

The update is great and thorough, but my concern is with the following:

 

Since the vulnerability exist in a process call the 4-way handshake (between the client and access point), it is important to ensure that both sides are patched. This means that you should ensure to apply all the available security fixes from Microsoft, Apple, Google, etc. on computers, tablets and smartphones. Keep an eye open for updates available on other connected devices (thermostat, TV, fridges…).

 

Consider my LGG4 on version 6.0.1  it is on security patch level 2016-07-01

 

Will there be any type of update pushed out for phones on prior to version 7.0?

 

Forbes has a very good article on how to check devices https://www.forbes.com/sites/leemathews/2017/11/08/google-patches-android-against-nasty-krack-wifi-b...

 

Reviewing Google and LG patch information, they are supporting patches only back to the G5 that I can see.

 

The two methods recommended if your devices are not patched is to use a VPN, and when browsing, do not send any secure information over any site that is not secured as HTTPS.

 

Anyone aware of any other recommendations for security of you have devices that do not have patches.

 

See also this article.

 

https://www.wired.com/story/krack-wi-fi-wpa2-vulnerability/

 

Bruce

Re: New WIFI WPA2 vulnerability -- modem updates coming?

I cannot find any news that the patch for this (KRACK) was deployed.  I use CGNACR in Bridge mode with router on top of it (router firmware has patch).  The firmware I have for hitron cgn3acr is 4.5.8.33. 

Please indicate if I am good or not as I have seen that vulnerability can be exploited while in bridge mode. 

 

Re: New WIFI WPA2 vulnerability -- modem updates coming?

Hello @sgardner2088,

 

Thank you for your post and welcome to the Rogers Community Forums! 😃

 

Ensuring your devices are up-to-date and protected from potential cyber attacks due to vulnerabilities is paramount so we definitely want to look into this for you and provide some assurance.

 

As per Post 19 of this thread, our former network architect @RogersDave has confirmed that the CGN3ACR is not impacted by the KRACK exploit as of October 20th, 2017 at 10:00 AM.

 

Your modem should be safe from this vulnerability, I hope this helps!

 

RogersTony

Community Testing Lab

We’ve got an amazing opportunity to test our upcoming Gateway!

Click here to find out more!

Topic Stats