Kr00k Vulnerability

Kr00k a serious vulnerability in Broadcom and Cypress Wi-Fi chips affects billions of client devices, Wi-Fi Access points and routers.

The vulnerability was discovered by ESET, tracked as CVE-2019-15126, it allows an attacker to decrypt the WPA2-encrypted traffic transmitted by vulnerable devices.

Kr00k Vulnerability

The vulnerability resides in the Wi-Fi chips and it gets enabled during the process of dissociation (disconnection of wireless networks).

When the network disconnects and reconnects the distinctive key which encrypts the network data packers reset to an all-zero value. An attacker can exploit this vulnerability by Eavesdropping network communication.

According to ESET researchers test on client devices such as Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3), Xiaomi (RedMi), as well as some access points by Asus and Huawei found vulnerable to Kr00k.

The Kr00k vulnerability affects both the WPA2-Personal and WPA2-Enterprise protocols, with AES-CCMP encryption. Which is the standard encryption used in several wireless network connections.

By triggering the disassociations repeatedly attackers can capture more data packets of sensitive data, including DNS, ARP, ICMP, HTTP, TCP, and TLS packets.

ESET responsibly disclosed the vulnerability to the chip manufacturers Broadcom and Cypress, who fixed the vulnerability at an extended disclosure period.

Kr00k affects all the access points and client devices users are recommended to update with the latest patches.

Patches have been released now, users are requested to apply the latest available updates to your Wi-Fi-capable devices, including phones, tablets, laptops, IoT devices, and Wi-Fi access points and routers.

Researchers also checked for Qualcomm, Realtek, Ralink, Mediatek where the vulnerability manifests itself not found.

The Kr00k vulnerability follows KRACK, both the vulnerability enables unauthorized decryption of data. Here is the difference between Kr00k and KRACK.


Follow in Twitter for Daily cyber security & hacking news updates: Cyber Security News

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.