Almost certainly yes. The KRACK attack is against the protocol implementation itself regardless of vendor. If the device is compliant with the WPA2 specification and has firmware more than two weeks old, assume that it is vulnerable.
Yes. The attack is against the WPA/WPA2 algorithm itself. Once a user is authenticated the attack is possible. It doesn't matter if the original authentication was via RADIUS or a stored key on the device.
No. The attack is against the WPA/WPA2 protocol itself. The NV160 is considered to be end-of-life and will not be fixed.
The risk is somewhat mitigated, however. Attacker has to be within the RF range of the device. Most sensitive data is encrypted end-to-end by underlying protocols such as SSL, IPSec, etc. so cracking the wireless encryption just gives the attacker an encrypted stream of data. Depending on the application, likelihood of an attacker within range, and the sensitivity of any plaintext data being sent, it might not be the type of vulnerability that requires an immediate forklift upgrade of all of the access points.