Not an answer to your question, but is there a reason why you cannot downgrade them to 6.49.19 and call it a day?
After all it is a station, more or less "locked" to a given SSID, it is unlikely that any vulnerability exists that can be used on those devices.
Then you can make experiments with just one of those devices.
BTW one of the (good) changes in 6.49.19 should be that the upgrade to any v7 version should be more reliable.
Current "long-term" (but it won't change anything I believe) is however 7.20.8.
I would try first an earlier v7 version like 7.12 or 7.13.x, just to see if the issue is v6 vs. v7 or it it is related to more recent versions of v7 only, then try 7.15.3 that seems like have better compatibility:
https://forum.mikrotik.com/t/eap-peap-mschapv2-as-station-with-v7/
and work from that on more recent versions, it is entirely possible that it was "fixed" and then reoccurred as a regression bug.