Does the Kr00k vulnerability have an impact on the 40 series radios?

Answer

Ezurio (formerly Laird Connectivity) is actively working with our vendor to patch the kr00k vulnerability on Ezurio products. Unfortunately, at this time a firmware fix has not been provided for the BCM4329 (used in the 40 Series products). Based on an understanding that this vulnerability has a severity level of “low” by NIST, it is recommended that customers use TLS data encryption whenever possible as TLS tunneled data is not at risk for the kr00k vulnerability.

For more information on the vulnerability, please visit:

https://nvd.nist.gov/vuln/detail/CVE-2019-15126
https://www.eset.com/int/kr00k/