Kr00k WPA2 Wi-Fi Vulnerability [CVE-2019-15126]
CVE number – CVE-2019-15126
Security researchers have disclosed details of a vulnerability, known as Kr00k, affecting the Wi-Fi Protected Access II (WPA2, IEEE 802.11i-2004) wireless security protocol and how it is implemented in a number of Broadcom and Cypress wireless chipsets.
They claim that a user on the same WLAN could exploit this vulnerability to decrypt communications sent to and from affected systems.
The vulnerability affects both WPA2-Personal and WPA2-Enterprise variants using the AES-CCMP, and is the result of poor implementation of the protocol in the affected chipsets. When a WPA2-secured session is disconnected, the temporal key used during the session is cleared from memory, in effect setting it to zero. However, any data left in the chipsets transmission buffers is then sent using this all-zero key, effectively negating WPA2. An attacker with access to the same WLAN could artificially force session disconnection in order to read sensitive data.
Affected Platforms
Devices using Broadcom or Cypress Wi-Fi chipsets, including (but not limited to) products from the following vendors:
- Apple
- Amazon
- Asus
- Dell
- HP
- Huawei
- Lenovo
- Microsoft
- Samsung
Please ensure you have updated all your Wi-Fi capable devices, including phones, tablets, laptops, and Wi-Fi access points and routers to the latest operating system, software and/or firmware versions. According to our information, patches for devices by major manufacturers have been released by now.
Further technical information and patch links available at – https://www.eset.com/int/kr00k/
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.