The vulnerability addressed in this article has been dealt with. The article will not be updated further, but will remain for documentation purposes. We recommend always upgrading to the newest firmware release to prevent security issues.
Overview
At Ubiquiti Networks we take security very seriously, and realize that it is of utmost importance to our customers. Today (10/18/17), a vulnerability was published about WPA2 encrypted networks, the currently known secure form of encryption available to protect WiFi devices. We have been working with Jouni Malinen, the original author of hostap, as well as other industry leaders in security, to roll out a stable firmware in time for the public disclosure. For more information on the KRACK vulnerability, click here.
UniFi
Looking for the short version? Go to How do I upgrade?
To ensure our customers are protected, we have released firmware for UniFi Access Points that resolves this vulnerability for all users using the wireless uplink feature. This firmware is immediately available, and can be downloaded in our Releases section. It has been pushed to all recent 5.6.x controller builds, as well as on our community blog. We will be rolling out to other controllers in the near future.
See our table below for a list of UniFi devices that need to have a firmware update because of the WPA-PSK KRACK vulnerabilities, and the ones that don't. The patched firmware is version 3.9.3.7537 released on October 16th, 2017. Any version prior to that is potentially vulnerable.
For example: Firmware link for a UAP-AC according to table below is:
https://dl.ubnt.com/unifi/firmware/U7PG2/3.9.3.7537/BZ.qca956x.v3.9.3.7537.171013.1101.bin
If the note above applies to you, simply change the initial https to a http, resulting in:
http://dl.ubnt.com/unifi/firmware/U7PG2/3.9.3.7537/BZ.qca956x.v3.9.3.7537.171013.1101.bin
UNAFFECTED DEVICES (do not require firmware update)
DEVICES THAT NEED FIRMWARE UPDATE
DEVICE MODEL | FIRMWARE LINK
Note: These links must be copied to perform upgrade (not just clicked). To copy: right click on link and select Copy Link Address. See how to perform upgrade in GIF below.
UAP-AC-LITE
UAP-HD
UAP
UAP v2
UAP-PRO
UAP-Outdoor+
UAP-IW
Find the MD5 Checksum Links for each model in the UniFi Updates Blog post.
UniFi FAQ
1. How do I upgrade?
Update October 18th: We have pushed the v3.9.3 upgrade to UniFi Controllers (version 5.5.20+). You will now get an UPGRADE prompt in the actions column to upgrade to our patched firmware version. Just click on the button and wait until the upgrade is complete.
If you do not see the upgrade button, or it is trying to upgrade you to a firmware version other than 3.9.3, go to Settings > Maintenance and within the Services section click the Check Firmware Update button.
You can also see UniFi - Changing the firmware of a UniFi device for all the different options, or see the following gif for a quick example. Notice we are unchecking the "Automatically upgrade firmware" option (wording might change depending on Controller version) found in Settings > Site, to prevent the APs from rolling back to the previous version. In the GIF below, we are copying the firmware link (.bin) from the UniFi Updates Blog post; you can alternatively copy it from the table above.
2. I don't see an Upgrade prompt for my AP. What do I do?
You can perform a custom upgrade as demonstrated in the gif above, or see the UniFi - Changing the firmware of a UniFi device article for more options.
3. Can I perform a group upgrade?
Yes. Make sure to group the devices into batches of models that use the same firmware, as listed in this post. See our UniFi - Group Configuration for Access Points article for more information.
4. I'm confused about versions. My version is 5.5.20, but the post mentions version 3.9.3.
There are two "versions" you need to be aware of. The UniFi Controller software version, and the Access Point firmware version. The upgrade you must perform is for the Access Point. In the example above, 5.5.20 is for the Controller, and 3.9.3 is for the Access Point. See where to find each one in the Controller > Devices tab in the image below.
5. After I perform the upgrade, an option appears in the Actions column to Upgrade. Should I click on it?
Prior to Oct 18th this would appear if you were correctly on version 3.9.3 (the controller wanted to roll you back to the official 3.8.X version). But now the Controller (versions 5.5.20 and over) will be pushing the 3.9.3 firmware version. What does that mean? If you see an UPGRADE button in the Actions column, check the VERSION column. If your device's version is not 3.9.3.X, then go ahead and click it.
This is what the Controller looks like now, after October 18th, when we pushed version 3.9.3. Notice the devices not on version 3.9.3.X are prompting me to upgrade.
AmpliFi
AmpliFi line products are not affected as of firmware v2.4.3. Firmware v2.4.2 is partially affected, and all versions prior to that are affected.
airMAX
Released: find below the fully patched firmware versions for AC (v8.4.2) and M (v6.1.2) airMAX devices. Note: our proprietary airMAX protocol makes simple attacks more difficult.
airCube
Find the airCube firmware release information here.
UniFi Video
Wired cameras are not affected. Wireless cameras (UVC-Micro / G3-Micro) are not vulnerable to MitM attacks due to complete encryption and mutual certificate authentication of NVR traffic implemented in version 3.8.0+.
Additionally, as of firmware release v3.8.61 (included with UniFi Video Controller v3.8.2), all wireless cameras have also been patched against the KRACK exploit for added security. Upgrading to UniFi Video v3.8.2 is recommended so that wireless cameras are upgraded and receive the patch.
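The version thresholds stated in this article can be checked across a device inventory with a short script. The following is an added example, not Ubiquiti code: the product-line labels, status strings and sample inventory are constructed for illustration, and it goes slightly beyond the article by comparing versions numerically so that a later release such as 3.10.x is not mistaken for an older one.

```python
import re

# Minimum patched versions as stated in this article. The keys are labels
# chosen for this example. UniFi AP models the article's table lists as
# unaffected should be left out of the inventory.
PATCHED = {
    "unifi-ap": "3.9.3.7537",
    "amplifi": "2.4.3",
    "airmax-ac": "8.4.2",
    "airmax-m": "6.1.2",
    "unifi-video-wireless-camera": "3.8.61",
}
AMPLIFI_PARTIAL = "2.4.2"  # the article calls this release "partially affected"

def parse_version(text):
    """Turn 'v3.9.3.7537' into (3, 9, 3, 7537) for numeric comparison."""
    m = re.fullmatch(r"v?(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.group(1).split("."))

def at_least(version, minimum):
    """True if version >= minimum; missing trailing fields count as 0."""
    a, b = parse_version(version), parse_version(minimum)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a >= b

def krack_status(product, version):
    """Classify one device against the thresholds above."""
    if product not in PATCHED:
        return "unknown-product"
    if at_least(version, PATCHED[product]):
        return "patched"
    if product == "amplifi" and at_least(version, AMPLIFI_PARTIAL):
        return "partially-affected"
    return "needs-update"

# Constructed sample inventory: (device name, product line, reported version).
INVENTORY = [
    ("lobby-ap", "unifi-ap", "3.8.14.6780"),
    ("office-ap", "unifi-ap", "3.9.3.7537"),
    ("lab-ap", "unifi-ap", "v3.10.0.1"),
    ("home-mesh", "amplifi", "2.4.2"),
    ("tower-link", "airmax-m", "6.1"),
]

def audit(inventory):
    """Map each device name to its status."""
    return {name: krack_status(prod, ver) for name, prod, ver in inventory}

if __name__ == "__main__":
    for device, status in audit(INVENTORY).items():
        print(f"{device}: {status}")
```

A UniFi AP version reported without its build number (for example 3.9.3) is treated as older than 3.9.3.7537, so it is flagged for a manual check rather than assumed patched.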