Kr00k

Kr00k
CVE identifier(s)	CVE-2019-15126
Date discovered	2019
Discoverer	ESET
Affected hardware	Many devices with Broadcom and Cypress Semiconductor Wi-Fi chips including smartphones, tablets and single-board computers
Website	https://www.eset.com/int/kr00k/

Kr00k (also written as KrØØk) is a security vulnerability that allows some WPA2 encrypted WiFi traffic to be decrypted.^[1] The vulnerability was originally discovered by security company ESET in 2019 and assigned CVE-2019-15126 on August 17th, 2019.^[2] ESET estimates that this vulnerability affects over a billion devices.^[3]

Discovery[]

It was named Kr00k by Robert Lipovsky and . It was discovered when trying variations of the KRACK attack.^[4]

Initially found in chips made by Broadcom and Cypress, similar vulnerabilities have been found in other implementations, including those by Qualcomm and MediaTek.^[5]^[6]

Patches[]

The vulnerability is known to be patched in:

iOS 13.2 and iPadOS 13.2 - October 28, 2019 ^[1]
macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006 - October 29, 2019 ^[1]

Vulnerable devices[]

During their research, ESET confirmed over a dozen popular devices were vulnerable.^[3]

Cisco has found several of their devices to be vulnerable and are working on patches.^[7] They are tracking the issue with advisory id cisco-sa-20200226-wi-fi-info-disclosure.^[8]

Known vulnerable devices include:

Amazon Echo 2nd gen
Amazon Kindle 8th gen
Apple iPhone 6, 6S, 8, XR
13-inch 2018
Asus wireless routers (RT-AC1200G+, RT-AC68U), but fixed in firmware Version 3.0.0.4.382.5161220 during March 2020
Google Nexus 5
Google Nexus 6
Google Nexus 6P
Raspberry Pi 3
Samsung Galaxy S8

References[]

^ ^a ^b ^c "A serious vulnerability deep inside Wi-Fi encryption | ESET". www.eset.com. Retrieved 2020-02-28.
^ "Kr00K vulnerability affects devices with Broadcom and Cypress Wi-Fi chips". xda-developers. 2020-02-27. Retrieved 2020-02-28.
^ ^a ^b https://www.welivesecurity.com/wp-content/uploads/2020/02/ESET_Kr00k.pdf
^ "Kr00k, KRACK, and the Seams in Wi-Fi, IoT Encryption". Dark Reading. Retrieved 2020-08-14.
^ "KrØØk attack variants impact Qualcomm, MediaTek Wi-Fi chips". BleepingComputer. Retrieved 2020-08-07.
^ "Beyond KrØØk: Even more Wi‑Fi chips vulnerable to eavesdropping". WeLiveSecurity. 2020-08-06. Retrieved 2020-08-07.
^ Osborne, Charlie. "Cisco patches incoming to address Kr00k vulnerability impacting routers, firewall products". ZDNet. Retrieved 2020-02-28.
^ "Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability". tools.cisco.com. Retrieved 2020-02-28.

[:0-1] "A serious vulnerability deep inside Wi-Fi encryption | ESET". www.eset.com. Retrieved 2020-02-28.

[2] "Kr00K vulnerability affects devices with Broadcom and Cypress Wi-Fi chips". xda-developers. 2020-02-27. Retrieved 2020-02-28.

[:1-3] ttps://www.welivesecurity.com/wp-content/uploads/2020/02/ESET_Kr00k.pdf

[4] "Kr00k, KRACK, and the Seams in Wi-Fi, IoT Encryption". Dark Reading. Retrieved 2020-08-14.

[5] "KrØØk attack variants impact Qualcomm, MediaTek Wi-Fi chips". BleepingComputer. Retrieved 2020-08-07.

[6] "Beyond KrØØk: Even more Wi‑Fi chips vulnerable to eavesdropping". WeLiveSecurity. 2020-08-06. Retrieved 2020-08-07.

[7] Osborne, Charlie. "Cisco patches incoming to address Kr00k vulnerability impacting routers, firewall products". ZDNet. Retrieved 2020-02-28.

[8] "Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability". tools.cisco.com. Retrieved 2020-02-28.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]