ESET discovered a previously unknown vulnerability, Kr00k (CVE-2019-15126), affecting Wi-Fi devices made by Broadcom and Cypress. According to the study, it threatens more than a billion popular gadgets, including smartphones, tablets and IoT devices, as well as Wi-Fi access points and routers.
The vulnerability is similar to KRACK (Key Reinstallation Attacks), found in 2017, which allowed the interception and decryption of confidential information (for example, passwords) and DDoS attacks, but Kr00k has fundamental differences.
Kr00k allows an attacker to decrypt wireless network packets transmitted from a vulnerable device. The vulnerability affects both the WPA2-Personal and WPA2-Enterprise protocols with AES-CCMP encryption.
When a device is suddenly disconnected from Wi-Fi, the session key is cleared and set to 0. On chips affected by Kr00k, data still waiting in the transmit buffer is sent anyway, encrypted with this all-zero key, which leaves it effectively without protection. Thus, Kr00k can open a gap for the leak of confidential user data.
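The zero-key condition described above can be checked on frames captured from your own device while verifying a patch. This is an added example, not code from ESET or the original article: given a CCMP payload (ciphertext followed by the 8-byte MIC), it reports whether the MIC verifies under the all-zero key. The function names and sample inputs are this example's own, and it assumes the 13-byte CCMP nonce and the non-empty AAD have already been derived from the 802.11 header.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"fmt"
)

// ctr XORs data with AES keystream blocks E(0x01 || nonce || i), i >= first.
func ctr(key, nonce, data []byte, first int) []byte {
	c, _ := aes.NewCipher(key)
	out := make([]byte, len(data))
	for i := range data {
		s := append(append([]byte{1}, nonce...), byte((first+i/16)>>8), byte(first+i/16))
		c.Encrypt(s, s)
		out[i] = data[i] ^ s[i%16]
	}
	return out
}

// seal returns ciphertext || 8-byte MIC: AES-CCM (RFC 3610), CCMP-128 sizes.
func seal(key, nonce, aad, plain []byte) []byte {
	c, _ := aes.NewCipher(key)
	// CBC-MAC input: B0 (flags, nonce, length), length-prefixed AAD, plaintext.
	b := append(append([]byte{0x59}, nonce...), byte(len(plain)>>8), byte(len(plain)))
	b = append(b, byte(len(aad)>>8), byte(len(aad)))
	for _, part := range [][]byte{aad, plain} {
		b = append(b, part...)
		b = append(b, make([]byte, (16-len(b)%16)%16)...) // zero pad to a block
	}
	x := make([]byte, 16)
	for i := range b {
		if x[i%16] ^= b[i]; i%16 == 15 {
			c.Encrypt(x, x)
		}
	}
	return append(ctr(key, nonce, plain, 1), ctr(key, nonce, x[:8], 0)...)
}

// EncryptedWithZeroTK reports whether payload verifies under the all-zero key.
func EncryptedWithZeroTK(nonce, aad, payload []byte) bool {
	n, zero := len(payload)-8, make([]byte, 16)
	return n >= 0 && len(nonce) == 13 && len(aad) > 0 &&
		bytes.Equal(seal(zero, nonce, aad, ctr(zero, nonce, payload[:n], 1)), payload)
}

func main() { // constructed sample: one payload sealed under the all-zero key
	nonce, aad := make([]byte, 13), []byte("constructed AAD")
	fmt.Println(EncryptedWithZeroTK(nonce, aad, seal(make([]byte, 16), nonce, aad, []byte("sample"))))
}
```

A patched device should never produce a data frame for which this check returns true.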
Tests showed that the vulnerable devices include gadgets from Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3) and Xiaomi (RedMi), as well as access points from Asus and Huawei. Most major device manufacturers have released fixes, so experts ask users to update their devices.