A vulnerability in the WPA2 protocol has been discovered and could allow an attacker to read encrypted information. This attack affects all WPAWPA2 protected WI-Fi Networks as the vulnerability is with the Wi-Fi WPA/WPA2 standard and not any individual products or implementations.
The following CVE IDs have been assigned to document these vulnerabilities in the WPA/WPA2 protocol:
Sophos products affected:
All Sophos wireless products are affected: Wireless Protection in XG Firewall, Sophos UTM and Cyberoam as well as Sophos Central Managed Wireless. Sophos will release patches as soon as they are made available.
The Wireless team is currently working on the necessary patch and after full implementation and testing on our solutions, we will be able to release a fix. This process can take a number of days.
The below list shows the scheduled patched version to correct the WPA/WPA2 vulnerability and expected release dates. All dates and version numbers are subject to change.
If you've spotted an error or would like to provide feedback on this article, please use the section below to rate and comment on the article. This is invaluable to us to ensure that we continually strive to give our customers the best information possible.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.