Ubiquiti Devices & KRACK Vulnerability

At Ubiquiti Networks we acquire security very very seriously, and understand that it is of utmost worth to our consumers. Now (10/18/seventeen), a vulnerability was printed about WPA2 encrypted networks, the presently regarded secure kind of encryption accessible to shield WiFi units. We happen to be working with Jouni Malinen, the first creator of hostap, along with other marketplace leaders in security, to roll out a stable firmware in time for the public disclosure. To learn more on the KRACK vulnerability, Just click here.

Awareness: Be sure to Be aware that this vulnerability impacts WiFi customer products more particularly than accessibility position products. We strongly endorse that every one customers Verify with appropriate cellular system, laptop computer, and IoT suppliers for firmware updates resolving the KRACK difficulty of their equipment.
Desk of Contents
UniFi Movie

Back again to Prime

In search of the shorter Variation? Go to How can I enhance?

To be certain our prospects are shielded, We have now unveiled firmware for UniFi Accessibility Points that resolves this vulnerability for all users utilizing the wi-fi uplink attribute. This firmware is immediately accessible, and will be downloaded inside our Releases area. It has been pushed to all the latest five.6.x controller builds, as well as on our Group site. We will likely be rolling out to other controllers within the near long run.

See our table below for a listing of UniFi gadgets that need to possess a firmware update because of the WPA-PSK KRACK vulnerabilities, and those that don't. The patched firmware is Model 3.nine.three.7537 introduced on October 16th, 2017. Any Variation just before that's likely vulnerable.

Take note: Firmware backlinks down below are all HTTPS. This assumes your system(s) are at present functioning at the least three.7.51, and which the gadget's date is properly set (i.e. it could possibly attain a NTP server). When you encounter troubles with the update, or your product isn't on the least supported firmware, then you can change the website link to HTTP right before carrying out the update.
One example is: Firmware link for any UAP-AC As outlined by desk down below is:

When the Be aware previously mentioned relates to you, only alter the Original https to the http, causing:


(do not need firmware update)


Unit Design

FIRMWARE Website link

Notice: These back links have to be copied to complete up grade (not simply clicked). To copy: correct click on hyperlink and select Duplicate Backlink Tackle. See the way to complete update in GIF beneath.


Firmware (.bin)


Firmware (.bin)

UAP-Out of doors

Firmware (.bin)

UAP v2

Firmware (.bin)


Firmware (.bin)


Firmware (.bin)


Firmware (.bin)

Locate the MD5 Checksum Inbound links for each model during the UniFi Updates Blog site put up.

Focus: At this time, the beta aspect 802.11r (State-of-the-art "Quickly Roaming" within the Controller UI Variation +5.six.X (even now in beta)) is still susceptible, so it is recommended to disable this aspect briefly. We are actively focusing on patching this, and it will be All set within the in the vicinity of foreseeable future. You'll find this element in UniFi Controllers Edition +five.six in Settings > Wi-fi Community > Innovative Options area. The initial "Quickly Roaming" that is enabled routinely at the AP degree, and outlined in our UniFi - Rapidly Roaming post will not be susceptible and cannot be enabled/disabled.

Back again to Top rated

one. How do I improve?

Update Oct 18th: Now we have pushed the v3.9.3 update to UniFi Controllers (Model five.five.20+). You are going to now get an Up grade prompt during the actions column to improve to our patched firmware Edition. Just click the button and hold out right until the upgrade is full.

If you don't begin to see the up grade button, or it is attempting to enhance you to definitely a firmware version other than 3.9.3, visit Settings > Upkeep and inside the Companies part click on the Test Firmware Update button.



You may also see UniFi - Modifying the firmware of a UniFi unit for all the various alternatives, or see the next gif for a quick example. (Notice we've been unchecking the "Quickly enhance firmware" (wording could possibly transform based upon Controller Model) present in Settings > Site to steer clear of the APs from rolling again on the earlier Edition. In the GIF down below, we've been copying the firmware backlink (.bin) through the UniFi Updates Website publish, you are able to alternatively duplicate it through the table higher than.


2. I do not see an Update prompt for my AP. What do I do?

You'll be able to perform a here tailor made update as shown while in the gif over, or begin to see the UniFi - Altering the firmware of the UniFi unit article For additional options.

three. Am i able to execute a gaggle improve?

Certainly, Ensure that you make batches of models that make use of the firmware as mentioned In this particular post. See our UniFi - Group Configuration for Entry Points report For more info.

4. I'm bewildered about versions. My Edition is five.five.20, nevertheless the write-up mentions version 3.nine.three.

There are two "versions" you must be aware of. The UniFi Controller computer software Model, and the Accessibility Position firmware Variation. The enhance you have to complete is with the Obtain Stage. In the example previously mentioned, 5.5.20 is to the Controller, and three.nine.three is for that Obtain Issue. See exactly where to discover each while in the Controller > Products tab from the graphic below.


five. Immediately after I accomplish the enhance, a possibility seems from the Steps column to Update. Need to I click on it?

Before Oct 18th this would appear if you were correctly on Variation three.9.3 (the controller needed to roll you again to your official 3.eight.X Model). But now the Controller (versions five.five.20 and over) will be pushing The three.9.three firmware Model. What does that mean? If the thing is an Update button inside the Steps column, Test the Edition column. In case your device's Model just isn't three.9.three.X, then go on and click it.


This is certainly exactly what the Controller seems like now, immediately after October 18th, after we pushed Edition three.9.three. Discover the equipment not on Edition three.9.three.X are prompting me to upgrade.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

Comments on “Ubiquiti Devices & KRACK Vulnerability”

Leave a Reply