The high-severity flaw discovered in Broadcom and Cypress FullMac Wi-Fi chips affects all unpatched devices from the following well-known manufacturers: Apple, Amazon, Google, Samsung and also many other devices under less-known brands.
While the targets are Wi-Fi Access points and routers, which could also make environments with fully-patched client devices vulnerable. The discovery was credited to ESET Cybersecurity researchers, which vulnerability is dubbed 'Kr00k' and marked as CVE-2019-15126.
Kr00k allows unauthorized access to some WPA2-encrypted traffic, and could allow nearby remote attackers to intercept and decrypt wireless network packets transmitted over a vulnerable device.
How the Kr00k Flaw affect Devices
The flaw is present in all unpatched devices with Broadcom and Cypress FullMac Wi-Fi chips, and it allow attackers to capture and decrypt wireless packets, with no precise way to predict the nature of data involved.
But most certainly, it breaks encryption on wireless layer, though it has nothing to do with TLS encryption that secures the network traffic. And the most common Wi-Fi Access points and routers are those running the affected Wi-fi chips from Broadcom and Cypress.
The attack is possible because when a device gets disconnected from the wireless network, the session key are supposed to be cleared by the Wi-Fi chip from the memory and set back to zero, but the vulnerable chips inadvertently end up transmitting data frames in the buffer with zero encryption key after the disassociation.
What Devices are affected by Kr00k?
These Wi-Fi chips are used in almost all of today's popular devices, made by well-known manufacturers like Apple (iPhone, iPad, MacBook), Amazon (Echo, Kindle), Google (Nexus), Samsung (Galaxy), and also several other devices from less-known brands.
So, for you to ensure that your device is safe, you have to update your Wi-Fi capable devices, such as smartphones, tablets, laptops, and Wi-Fi routers and access points to the latest software and/or firmware versions. As patches for several of the affected devices have been made available by the manufacturers already.
And if your device uses the affected chips in the first place, there is need to revert to your device manufacturer for best security advice.
No comments