Home > News content

WiFi vulnerability kr00k exposure: billions of devices worldwide affected

via:博客园     time:2020/2/27 19:08:21     readed:58

Wi Fi chips made by Cypress Semiconductor and Broadcom have serious security vulnerabilities, making billions of devices around the world vulnerable to hackers' attacks and allowing attackers to decrypt sensitive data transmitted in the air around them.


In today's RSA Security Conference, this security vulnerability was made public. For Apple users, the issue has been resolved in the IOS 13.2 and Mac OS 10.15.1 updates released in late October last year.

ESET, a security company, introduced the vulnerability in detail at the RSA conference. Hackers can use a vulnerability called kr00k to interrupt and decrypt WiFi network traffic. The flaw lies in the Wi Fi chips of cypress and Broadcom, which are two brands with high global market share, widely used in everything from laptops to smartphones and from APS to Internet of things devices.



Among them, Amazon's echo and Kindle, Apple's iPhone and iPad, Google's pixel, Samsung's Galaxy series, raspberry pie, millet, ASUS, Huawei and other brand products are all used. It is conservatively estimated that one billion devices around the world are affected by the vulnerability.

Hackers can intercept and analyze the wireless network packets sent by devices after they successfully exploit the vulnerability. Ars technica says:

Kr00k exploits a vulnerability in wireless devices when they are disconnected from the wireless access point. If the end user device or AP hotspot is attacked, it will put all the unsent data frames into the transmit buffer, and then send them wirelessly. Instead of encrypting this data using the session key previously negotiated and used during a normal connection, the vulnerable device uses a key consisting of all zeros, which makes decryption less likely.

One good thing is that the kr00k error only affects WiFi connections using WPA2 personal or WPA2 enterprise security protocols and aes-ccmp encryption. This means that if you use Broadcom or cypress WiFi chipset devices, you can prevent hackers from using the latest WiFi authentication protocol, WPA3.

According to ESET research, which publishes detailed information about the vulnerability, the vulnerability has been made public to Broadcom and cypress with potentially affected parties. At present, most major manufacturers have released device patches. Information about the vulnerability can be found athttps://www.welivesecurity.com/wp-content/uploads/2020/02/ESET_Kr00k.pdf

China IT News APP

Download China IT News APP

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments