Page 1 of 1

WPA vulernability KRACK

Posted: Mon Oct 16, 2017 11:09 am
by nuclearcat
Hello,

Any plans to check implementation and update SDK for ESP8266 and ESP32?
As this vulerability seems critical and might be exploited by script kiddies very soon and might put in risk IoT devices released on this chipsets, if vendors wont patch them soon. (And to patch them, they need updates to SDK, as this part is binary)

Re: WPA vulernability KRACK

Posted: Mon Oct 16, 2017 1:34 pm
by ESP_Angus
Yes, please see here for details of (existing) patches:
https://esp32.com/viewtopic.php?f=13&p=15672#p15672

ESP8266 has also already been patched, and patched versions are already on github. An official announcement will be made on the relevant forum soon.

Re: WPA vulernability KRACK

Posted: Mon Oct 16, 2017 2:23 pm
by nuclearcat
Wow! Speedy update, that show one more time that vendor support from Espressif is perfect and it is great solution for secure IoT.