Kr00k
| CVE identifier(s) | CVE-2019-15126 |
|---|---|
| Date discovered | 2019 |
| Discoverer | ESET |
| Affected hardware | Many devices with Broadcom and Cypress Semiconductor Wi-Fi chips including smartphones, tablets and single-board computers |
| Website | https://www.eset.com/int/kr00k/ |
Kr00k (also written as KrØØk) is a security vulnerability that allows some WPA2 encrypted WiFi traffic to be decrypted.[1] The vulnerability was originally discovered by security company ESET in 2019 and assigned CVE-2019-15126 on August 17, 2019.[2] ESET estimates that this vulnerability affects over a billion devices.[3]
Discovery
Kr00k was discovered by ESET Experimental Research and Detection Team, most prominently ESET security researcher Miloš Čermák.[1]
It was named Kr00k by Robert Lipovský and Štefan Svorenčík. It was discovered when trying variations of the KRACK attack.[4]
Initially found in chips made by Broadcom and Cypress, similar vulnerabilities have been found in other implementations, including those by Qualcomm and MediaTek.[5][6]
Patches
The vulnerability is known to be patched in:
- iOS 13.2 and iPadOS 13.2 - October 28, 2019 [1]
- macOS Catalina 10.15.1, Security Update 2019–001, and Security Update 2019-006 - October 29, 2019 [1]
Vulnerable devices
During their research, ESET confirmed over a dozen popular devices were vulnerable.[3]
Cisco has found several of their devices to be vulnerable and are working on patches.[7] They are tracking the issue with advisory id cisco-sa-20200226-wi-fi-info-disclosure.[8]
Known vulnerable devices include:
- Amazon Echo 2nd gen
- Amazon Kindle 8th gen
- Apple iPad mini 2
- Apple iPhone 6, 6S, 8, XR
- Apple MacBook Air Retina 13-inch 2018
- Asus wireless routers (RT-AC1200G+, RT-AC68U), but fixed in firmware Version 3.0.0.4.382.5161220 during March 2020
- Google Nexus 5
- Google Nexus 6
- Google Nexus 6P
- Raspberry Pi 3
- Samsung Galaxy S4 (GT-I9505)
- Samsung Galaxy S8
- Xiaomi Redmi 3S
References
- ↑ 1.0 1.1 1.2 1.3 "A serious vulnerability deep inside Wi-Fi encryption | ESET" (in en). https://www.eset.com/int/kr00k/.
- ↑ "Kr00K vulnerability affects devices with Broadcom and Cypress Wi-Fi chips" (in en-US). 2020-02-27. https://www.xda-developers.com/kr00k-wifi-vulnerability-broadcom-cypress/.
- ↑ 3.0 3.1 https://www.welivesecurity.com/wp-content/uploads/2020/02/ESET_Kr00k.pdf[bare URL PDF]
- ↑ "Kr00k, KRACK, and the Seams in Wi-Fi, IoT Encryption" (in en). 12 August 2020. https://www.darkreading.com/iot/kr00k-krack-and-the-seams-in-wi-fi-iot-encryption/d/d-id/1338633.
- ↑ "KrØØk attack variants impact Qualcomm, MediaTek Wi-Fi chips" (in en-us). https://www.bleepingcomputer.com/news/security/kr-k-attack-variants-impact-qualcomm-mediatek-wi-fi-chips/.
- ↑ "Beyond KrØØk: Even more Wi‑Fi chips vulnerable to eavesdropping" (in en-US). 2020-08-06. https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chips-vulnerable-eavesdropping/.
- ↑ Osborne, Charlie. "Cisco patches incoming to address Kr00k vulnerability impacting routers, firewall products" (in en). https://www.zdnet.com/article/cisco-says-patches-incoming-to-address-new-kr00k-vulnerability-impacting-routers-firewall-products/.
- ↑ "Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability". https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure.
 |  |
