Kr00k Explained

Kr00k
Cve:CVE-2019-15126
Discoverer:ESET
Discovered:2019
Affected Hardware:Many devices with Broadcom and Cypress Semiconductor Wi-Fi chips including smartphones, tablets and single-board computers
Website:https://www.eset.com/int/kr00k/

Kr00k (also written as KrØØk) is a security vulnerability that allows some WPA2 encrypted WiFi traffic to be decrypted.[1] The vulnerability was originally discovered by security company ESET in 2019 and assigned on August 17th, 2019.[2] ESET estimates that this vulnerability affects over a billion devices.[3]

Discovery

Kr00k was discovered by ESET Experimental Research and Detection Team, most prominently ESET security researcher Miloš Čermák.

It was named Kr00k by Robert Lipovský and Štefan Svorenčík. It was discovered when trying variations of the KRACK attack.[4]

Initially found in chips made by Broadcom and Cypress, similar vulnerabilities have been found in other implementations, including those by Qualcomm and MediaTek.[5] [6]

Patches

The vulnerability is known to be patched in:

Vulnerable devices

During their research, ESET confirmed over a dozen popular devices were vulnerable.

Cisco has found several of their devices to be vulnerable and are working on patches.[7] They are tracking the issue with advisory id cisco-sa-20200226-wi-fi-info-disclosure.[8]

Known vulnerable devices include:

Notes and References

  1. Web site: A serious vulnerability deep inside Wi-Fi encryption ESET. www.eset.com. en. 2020-02-28.
  2. Web site: Kr00K vulnerability affects devices with Broadcom and Cypress Wi-Fi chips. 2020-02-27. xda-developers. en-US. 2020-02-28.
  3. Web site: KR00K - CVE-2019-15126 SERIOUS VULNERABILITY DEEP INSIDE YOUR WI-FI ENCRYPTION . 2024-04-19 . esetstatic.com.
  4. Web site: Kr00k, KRACK, and the Seams in Wi-Fi, IoT Encryption. 2020-08-14. Dark Reading. 12 August 2020 . en.
  5. Web site: KrØØk attack variants impact Qualcomm, MediaTek Wi-Fi chips. 2020-08-07. BleepingComputer. en-us.
  6. Web site: 2020-08-06. Beyond KrØØk: Even more Wi‑Fi chips vulnerable to eavesdropping. 2020-08-07. WeLiveSecurity. en-US.
  7. Web site: Cisco patches incoming to address Kr00k vulnerability impacting routers, firewall products. Osborne. Charlie. ZDNet. en. 2020-02-28.
  8. Web site: Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability. tools.cisco.com. 2020-02-28.