UniFi OS Consoles Wi-Fi Switching Camera Security Phone System Door Access Accessories UISP

UniFi Video is an obsolete product line.

This application and its related devices will no longer receive any manner of technical support, including functional and security updates. Additionally, there will be no further updates to Help Center content pertaining to UniFi Video.

(ARCHIVED) Ubiquiti Devices & KRACK Vulnerability

This article has been archived. Applies to a vulnerability dealt with in October, 2017.

The vulnerability addressed in this article has been dealt with. The article will not be updated further, but will remain for documentation purposes. We recommend to always upgrade to the newest firmware release to prevent security issues.


At Ubiquiti Networks we take security very seriously, and realize that it is of utmost importance to our customers. Today (10/18/17), a vulnerability was published about WPA2 encrypted networks, the currently known secure form of encryption available to protect WiFi devices. We have been working with Jouni Malinen, the original author of hostap, as well as other industry leaders in security, to roll out a stable firmware in time for the public disclosure. For more information on the KRACK vulnerability, click here 

ATTENTION:Please note that this vulnerability affects WiFi client devices more specifically than access point devices. We strongly recommend that all users check with relevant mobile device, laptop, and IoT manufacturers for firmware updates resolving the KRACK issue in their devices.

Table of Contents

  1. UniFi
  2. UniFi FAQ
  3. AmpliFi
  4. airMAX
  5. airCube
  6. UniFi Video


Back to Top

Looking for the short version? Go to How do I upgrade?

To ensure our customers are protected, we have released firmware for UniFi Access Points that resolves this vulnerability for all users using the wireless uplink feature. This firmware is immediately available, and can be downloaded in our Releases section. It has been pushed to all recent 5.6.x controller builds, as well as on our community blog. We will be rolling out to other controllers in the near future.

See our table below for a list of UniFi devices that need to have a firmware update because of the WPA-PSK KRACK vulnerabilities, and the ones that don't. The patched firmware is version released on October 16th, 2017. Any version prior to that is potentially vulnerable.

NOTE:Firmware links below are all HTTPS. This assumes your device(s) are currently running at least 3.7.51, and that the device's date is properly set (i.e. it can reach a NTP server). If you encounter issues with the upgrade, or your device isn't on a minimum supported firmware, then you can change the link to HTTP before performing the upgrade.

For example: Firmware link for a UAP-AC according to table below is:


If the note above applies to you, simply change the initial https to a http, resulting in: 



(do not require firmware update)

  • UAP-AC
  • UAP-AC v2
  • UAP-AC-Outdoor




Note: These links must be copied to perform upgrade (not just clicked). To copy: right click on link and select Copy Link Address. See how to perform upgrade in GIF below.


Firmware (.bin)


Firmware (.bin) 


Firmware (.bin) 

UAP v2

Firmware (.bin) 


 Firmware (.bin)


 Firmware (.bin)


Firmware (.bin) 

 Find the MD5 Checksum Links for each model in the UniFi Updates Blog post.

ATTENTION: At this time, the beta feature 802.11r (Advanced "Fast Roaming" in the Controller UI version +5.6.X (still in beta)) is still vulnerable, so it is recommended to disable this feature temporarily. We are actively working on patching this, and it will be ready in the near future. You will find this feature in UniFi Controllers version +5.6 inSettings > Wireless Network > Advanced Options section. The initial "Fast Roaming" that is enabled automatically at the AP level, and mentioned in our UniFi - Fast Roaming article is not vulnerable and cannot be enabled/disabled.


Back to Top

1. How do I upgrade?

Update October 18th: We have pushed the v3.9.3 upgrade to UniFi Controllers (version 5.5.20+). You will now get an UPGRADE prompt in the actions column to upgrade to our patched firmware version. Just click on the button and wait until the upgrade is complete.

If you do not see the upgrade button, or it is trying to upgrade you to a firmware version other than 3.9.3, go to Settings > Maintenance and within the Services section click the Check Firmware Update button.



You can also see UniFi - Changing the firmware of a UniFi device for all the different options, or see the following gif for a quick example. (Notice we are unchecking the "Automatically upgrade firmware" (wording might change depending on Controller version) found in Settings > Site to avoid the APs from rolling back to the previous version. In the GIF below, we are copying the firmware link (.bin) from the UniFi Updates Blog post, you can alternatively copy it from the table above.


2. I don't see an Upgrade prompt for my AP. What do I do? 

You can perform a custom upgrade as demonstrated in the gif above, or see the UniFi - Changing the firmware of a UniFi device article for more options.

3. Can I perform a group upgrade?

Yes, make sure to make batches of models that use the firmware as listed in this post. See our UniFi - Group Configuration for Access Points article for more information.

4. I'm confused about versions. My version is 5.5.20, but the post mentions version 3.9.3.

There are two "versions" you need to be aware of. The UniFi Controller software version, and the Access Point firmware version. The upgrade you must perform is for the Access Point. In the example above, 5.5.20 is for the Controller, and 3.9.3 is for the Access Point. See where to find each one in the Controller > Devices tab in the image below. 


5. After I perform the upgrade, an option appears in the Actions column to Upgrade. Should I click on it? 

Prior to Oct 18th this would appear if you were correctly on version 3.9.3 (the controller wanted to roll you back to the official 3.8.X version). But now the Controller (versions 5.5.20 and over) will be pushing the 3.9.3 firmware version. What does that mean? If you see an UPGRADE button in the Actions column, check the VERSION column. If your device's version is not 3.9.3.X, then go ahead and click it.


This is what the Controller looks like now, after October 18th, when we pushed version 3.9.3. Notice the devices not on version 3.9.3.X are prompting me to upgrade.


Back to Top

AmpliFi line products are not affected since firmware v2.4.3. Firmware v2.4.2 is partially affected and all versions prior to that are affected.


Back to Top

Released: find below the fully patched firmware versions for AC (v8.4.2) and M (v6.1.2) airMAX devices. Note: our proprietary airMAX protocol makes simple attacks more difficult.



Back to Top

Find the airCube firmware release information here

UniFi Video

Back to Top

Wired cameras are not affected. Wireless cameras (UVC-Micro / G3-Micro) are not vulnerable to MitM attacks due to complete encryption and mutual certificate authentication of NVR traffic implemented in version 3.8.0+.

Additionally, as of firmware release v3.8.61 (included with UniFi Video Controller v3.8.2), all wireless cameras have also been patched against the KRACK exploit for added security. Upgrading to UniFi Video v3.8.2 is recommended so that wireless cameras are upgraded and receive the patch.

Was this article helpful?
17 out of 22 found this helpful