Check Point response to WPA2 Key Reinstallation Attacks (KRACK)
Check Point software is not vulnerable to these attacks according to the information disclosed so far,
with the exception of a specific scenario with Edge devices (see the "Notes" section below for more details).
Check Point R&D are tracking the relevant publications and will update this article,
if there is any new information regarding the vulnerability status of Check Point products.
Edge devices using the WDS (Wireless Distribution System) feature may be vulnerable to this attack (if the attacker is within Wi-Fi range of the Edge device).
The WDS feature is disabled by default.
If you are using WDS, then contact Check Point Support for an updated firmware for your Edge device.
The additional products that would be relevant to this discussion are 600 / 700 / 1100 / 1400 appliances with Wi-Fi.
However, since these appliances act as Wi-Fi Access Point only (and not as clients, because IEEE 802.11r is not supported), they are not vulnerable.
Computers that connect to these appliances may be vulnerable - customers should check the relevant information provided by the operating system vendors.
Article revision history