Vulnerabilities for WPA and WPA2 - Warning

16 October 2017
On October 16, 2017, a statement from the International Consortium for Advancement of Cybersecurity on the Internet (ICASI) was released alerting the industry to a series of vulnerabilities for WPA and WPA2. These vulnerabilities are at the protocol-level and affect a number of vendors and industry implementations of the standard in wireless infrastructure devices and wireless clients. WatchGuard’s Wi-Fi access points and Wi-Fi enabled appliances are affected by these vulnerabilities.
This security flaw means that, for vulnerable clients and access points, WPA and WPA2-encrypted Wi-Fi traffic is no longer secure until certain steps are taken to remediate the issue. 
The Wi-Fi data stream, including passwords and personal data, can be intercepted, decrypted,and modified without a user’s knowledge. More details can be found at WatchGuard’s Products and Support News blog. 
Patches will be available for Fireware, WatchGuard legacy and current APs, and for WatchGuard Wi-Fi Cloud via the following releases and estimated timing. The patch schedule is subject to changes, so please monitor the Product and Support News blog for

Sunday, October 15, 2017:
 AP120, 320, 322, 420:  Release 8.3.0-657, Cloud mode only 
Monday, October 30, 2017:
 Fireware: Release 12.0.1
 Legacy AP:
o AP300: Release AP100, 102, 200: Release
 AP120, 320, 322, 420:  Release 8.3.0-657 – Non-Cloud (GWC mode)