Moti Sagey

Check Point Response to KRACK

Blog Post created by Moti Sagey Employee on Oct 17, 2017
Background
  • On October 16, 2017, several vulnerabilities were published in the Wi-Fi Protected Access II (WPA2) protocol.
    These attacks, named Key Reinstallation Attacks ("KRACK"), allow a rogue actor to become the Wi-Fi client's Access Point, and hence becoming a Man-in-the-Middle between the client and any network resource being accessed.

    More details can be found at: https://www.krackattacks.com

Solution

Check Point software is not vulnerable to these attacks according to the information disclosed so far. Check Point R&D are tracking the relevant publications and will update this article, if there is any new information regarding the vulnerability status of Check Point products.

The main products that would be relevant to this discussion are 600 / 700 / 1100 / 1400 appliances with Wi-Fi.
However, since these act as Wi-Fi Access Point only, they are not vulnerable.
Computers that connect to these appliances may be vulnerable - customers should check the relevant information provided by the operating system vendors.

 

Source: Check Point response to WPA2 Key Reinstallation Attacks (KRACK) 

Outcomes