CTS Statement on WPA2 Security Vulnerability


Connection Technology Systems Inc. (CTS) is aware of the vulnerabilities recently announced in the WPA2 security protocol, which is also known as KRACKs (Key Reinstallation AttaCKs). According to the research by Mathy Vanhoef, KRACK attacks target WPA2 handshakes and can use the attack technique to steal sensitive information such as credit card numbers, passwords, chat messages, emails, and so on.

However, the limitations of the attack are also stated in the research.  KRACK attacks can only be carried out when an attacker is physically located within the wireless range of the network, and when a client is connecting or reconnecting to the Wi-Fi network.  Nevertheless, patches or upgraded firmware are still released by different Wi-Fi vendors to amend this issue.

CTS’ Products Unaffected

According to the research, the attacks target clients instead of access points.  In other words, only Wi-Fi routers working under repeater mode or client mode will be affected.  CTS’ VRG5/VRGIII series and FWR5/FWRIII series wireless gateways run only on AP mode or Router mode, which will not be affected by this attack technique, so our customers can rest assured that this attack will not affect the products purchased from CTS.

        In addition, we want to point out that it is very important for our customers to update all client (smartphones, tablets, and computers) software to ensure that all clients in the network have patches for KRACKs.

        For more information about KRACK, you can find it through the link: https://www.krackattacks.com/