Apparently there’s another chip level security flaw in Broadcom and Cypress wifi chips that allows a bad actor to trick the chip running an encrypted wifi connection to change the key to zero, thus causing the wifi going forward to be unencrypted. This is now CVE-2019-15126. More info below. Are Pepwave products vulnerable to this, and if so, any ideas whether it can be fixed?
Report from ESET who discovered the flaw here:
News article for the rest of us here: