Kr00k
CVE identifier(s) | CVE-2019-15126 |
---|---|
Date discovered | 2019 |
Discoverer | ESET |
Affected hardware | Many devices with Broadcom and Cypress Semiconductor Wi-Fi chips including smartphones, tablets and single-board computers |
Website | https://www.eset.com/int/kr00k/ |
Kr00k (also written as KrØØk) is a security vulnerability that allows some WPA2 encrypted WiFi traffic to be decrypted.[1] The vulnerability was originally discovered by security company ESET in 2019 and assigned CVE-2019-15126 on August 17th, 2019.[2] ESET estimates that this vulnerability affects over a billion devices.[3]
Discovery
Kr00k was discovered by ESET Experimental Research and Detection Team, most prominently ESET security researcher Miloš Čermák.[1]
It was named Kr00k by Robert Lipovský and Štefan Svorenčík. It was discovered when trying variations of the KRACK attack.[4]
Initially found in chips made by Broadcom and Cypress, similar vulnerabilities have been found in other implementations, including those by Qualcomm and MediaTek.[5][6]
Patches
The vulnerability is known to be patched in:
- iOS 13.2 and iPadOS 13.2 - October 28th, 2019 [1]
- macOS Catalina 10.15.1, Security Update 2019–001, and Security Update 2019-006 - October 29th, 2019 [1]
Vulnerable devices
During their research, ESET confirmed over a dozen popular devices were vulnerable.[3]
Cisco has found several of their devices to be vulnerable and are working on patches.[7] They are tracking the issue with advisory id cisco-sa-20200226-wi-fi-info-disclosure.[8]
Known vulnerable devices include:
- Amazon Echo 2nd gen
- Amazon Kindle 8th gen
- Apple iPad mini 2
- Apple iPhone 6, 6S, 8, XR
- Apple MacBook Air Retina 13-inch 2018
- Asus wireless routers (RT-AC1200G+, RT-AC68U), but fixed in firmware Version 3.0.0.4.382.5161220 during March 2020
- Google Nexus 5
- Google Nexus 6
- Google Nexus 6P
- Raspberry Pi 3
- Samsung Galaxy S4 (GT-I9505)
- Samsung Galaxy S8
- Xiaomi Redmi 3S
References
- ^ a b c d "A serious vulnerability deep inside Wi-Fi encryption | ESET". www.eset.com. Retrieved 2020-02-28.
- ^ "Kr00K vulnerability affects devices with Broadcom and Cypress Wi-Fi chips". xda-developers. 2020-02-27. Retrieved 2020-02-28.
- ^ a b "KR00K - CVE-2019-15126 SERIOUS VULNERABILITY DEEP INSIDE YOUR WI-FI ENCRYPTION" (PDF). esetstatic.com. Retrieved 2024-04-19.
- ^ "Kr00k, KRACK, and the Seams in Wi-Fi, IoT Encryption". Dark Reading. 12 August 2020. Retrieved 2020-08-14.
- ^ "KrØØk attack variants impact Qualcomm, MediaTek Wi-Fi chips". BleepingComputer. Retrieved 2020-08-07.
- ^ "Beyond KrØØk: Even more Wi‑Fi chips vulnerable to eavesdropping". WeLiveSecurity. 2020-08-06. Retrieved 2020-08-07.
- ^ Osborne, Charlie. "Cisco patches incoming to address Kr00k vulnerability impacting routers, firewall products". ZDNet. Retrieved 2020-02-28.
- ^ "Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability". tools.cisco.com. Retrieved 2020-02-28.
- v
- t
- e
← 2000s | Timeline | 2020s → |
persistent threats
- Bangladesh Black Hat Hackers
- Bureau 121
- Charming Kitten
- Cozy Bear
- Dark Basin
- DarkMatter
- Elfin Team
- Equation Group
- Fancy Bear
- GOSSIPGIRL (confederation)
- Guccifer 2.0
- Hacking Team
- Helix Kitten
- Iranian Cyber Army
- Lazarus Group (BlueNorOff) (AndAriel)
- NSO Group
- Numbered Panda
- PLA Unit 61398
- PLA Unit 61486
- PLATINUM
- Pranknet
- Red Apollo
- Rocket Kitten
- Stealth Falcon
- Syrian Electronic Army
- Tailored Access Operations
- The Shadow Brokers
- xDedic
- Yemen Cyber Army
- Cyber Anakin
- George Hotz
- Guccifer
- Jeremy Hammond
- Junaid Hussain
- Kristoffer von Hassel
- Mustafa Al-Bassam
- MLT
- Ryan Ackroyd
- Sabu
- Topiary
- Track2
- The Jester
publicly disclosed
- Evercookie (2010)
- iSeeYou (2013)
- Heartbleed (2014)
- Shellshock (2014)
- POODLE (2014)
- Rootpipe (2014)
- Row hammer (2014)
- SS7 vulnerabilities (2014)
- WinShock (2014)
- JASBUG (2015)
- Stagefright (2015)
- DROWN (2016)
- Badlock (2016)
- Dirty COW (2016)
- Cloudbleed (2017)
- Broadcom Wi-Fi (2017)
- EternalBlue (2017)
- DoublePulsar (2017)
- Silent Bob is Silent (2017)
- KRACK (2017)
- ROCA vulnerability (2017)
- BlueBorne (2017)
- Meltdown (2018)
- Spectre (2018)
- EFAIL (2018)
- Exactis (2018)
- Speculative Store Bypass (2018)
- Lazy FP state restore (2018)
- TLBleed (2018)
- SigSpoof (2018)
- Foreshadow (2018)
- Dragonblood (2019)
- Microarchitectural Data Sampling (2019)
- BlueKeep (2019)
- Kr00k (2019)
2010 |
|
---|---|
2011 | |
2012 | |
2013 | |
2014 | |
2015 | |
2016 | |
2017 | |
2018 | |
2019 |
|