Kr00k Vulnerability affects devices with Broadcom and Cypress chipsets

ESET researchers disclosed a vulnerability, CVE-2019-15126, during the RSA 2020 security conference in San Francisco. The vulnerability, dubbed Kr00k, can be exploited to intercept and decrypt Wi-Fi network traffic on WPA2 connections.

According to the researchers, this vulnerability affects Wi-Fi capable devices that use Broadcom and Cypress Wi-Fi chips. Such chipsets are used in almost every kind of device, including smartphones, laptops and IoT devices.

Devices such as Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3) and Xiaomi (Redmi), as well as access points from Asus and Huawei, are affected by this vulnerability, and billions of devices are exposed to it.

What sets the Kr00k vulnerability apart from similar vulnerabilities is that it impacts the encryption that secures the data packets sent over Wi-Fi connections.

Typically, such packets are encrypted using a unique session key derived from the password the users set for the Wi-Fi network. In the case of this vulnerability, it was found that the Broadcom and Cypress Wi-Fi chipsets reset that key to zero during a process called disassociation.

Disassociation is a normal part of a Wi-Fi connection: a device disassociates from the wireless network many times a day and can reconnect automatically to the previous network. The vulnerability allows attackers to force devices into a prolonged disassociated state, capture the specific packets that are still transmitted, and decrypt that traffic using the zeroed key.
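As an added illustration (not ESET's code or any vendor firmware), the toy Python model below shows the failure mode just described: a chip that clears its temporal key (TK) to zero on disassociation but still flushes frames already queued for transmission, next to the corrected behaviour that drops them, plus a defender-side check of which captured frames open under an all-zero key. The cipher, class and function names are constructed stand-ins, not a real CCMP implementation.

```python
"""Toy model of the disassociation bug described above: constructed illustration,
not vendor firmware. An HMAC/SHAKE stand-in replaces AES-CCMP; the state machine is the point."""
import hashlib
import hmac

ZERO_TK = bytes(16)   # 128-bit all-zero temporal key (TK)
MIC_LEN = 8           # CCMP carries an 8-byte MIC; mirrored here

def _keystream(tk, pn, length):
    # Per-frame keystream from TK and packet number (PN), standing in for AES-CTR.
    return hashlib.shake_256(tk + pn.to_bytes(6, "big")).digest(length)

def protect(tk, pn, plaintext):
    # Encrypt and authenticate one frame body; returns ciphertext || MIC.
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(tk, pn, len(plaintext))))
    mic = hmac.new(tk, pn.to_bytes(6, "big") + ct, hashlib.sha256).digest()[:MIC_LEN]
    return ct + mic

def unprotect(tk, pn, frame):
    # Return the plaintext if the MIC verifies under tk, otherwise None.
    ct, mic = frame[:-MIC_LEN], frame[-MIC_LEN:]
    expect = hmac.new(tk, pn.to_bytes(6, "big") + ct, hashlib.sha256).digest()[:MIC_LEN]
    if not hmac.compare_digest(mic, expect):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(tk, pn, len(ct))))

class WifiChip:
    def __init__(self, tk, vulnerable):
        self.tk, self.pn, self.txq, self.air = tk, 0, [], []
        self.vulnerable = vulnerable  # True: flush the TX queue after zeroing TK (Kr00k)

    def send(self, data):
        self.txq.append(data)

    def flush(self):
        while self.txq:
            self.pn += 1
            self.air.append((self.pn, protect(self.tk, self.pn, self.txq.pop(0))))

    def disassociate(self):
        self.tk = ZERO_TK      # session key cleared from chip memory
        if self.vulnerable:
            self.flush()       # bug: buffered frames leave under the all-zero TK
        else:
            self.txq.clear()   # fix: drop buffered frames instead of sending them

def readable_with_zero_tk(chip):
    # Defender-side check over captured frames: which bodies open under an all-zero TK?
    opened = [unprotect(ZERO_TK, pn, fr) for pn, fr in chip.air]
    return [pt for pt in opened if pt is not None]
```

Frames sent while the real TK is loaded fail the MIC check under the zero key, so only the buffered frames flushed after disassociation show up in the check.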

The story of the Kr00k vulnerability began in 2017, when researchers designed an exploit named KRACK (Key Reinstallation Attack) that allows an attacker to eavesdrop on Wi-Fi traffic between computers and routers, access points and other network devices.

Even two years after the vulnerability was disclosed, many Wi-Fi enabled devices were still vulnerable. Later on, ESET discovered that, “while the second generation Amazon Echo was not affected by the original KRACK attacks, it was vulnerable to one of the KRACK variants, specifically: PTK reinstallation in 4-way handshake when STA uses Temporal PTK construction, random Anonce.”

The researchers reported the flaw to Amazon and noted that a Cypress WLAN chip was used in the second generation of the Echo devices. This chip was vulnerable to the bug that was later given the name Kr00k.

The experts said in their report: “It should be noted that encryption with an all-zero TK can have a number of causes – Kr00k is just one of them, although a very significant one, due to the widespread distribution of the vulnerable Broadcom and Cypress chips.”

The latest news regarding this is that Cisco is investigating the impact of the vulnerability on its own products that use Broadcom chips. It appears that many of its devices are affected, and patches are yet to be developed.