Security researchers have discovered a new vulnerability, CVE-2019-15126, dubbed Kr00k (or “KrØØk”), that impacts devices with Broadcom and Cypress Wi-Fi chips.
ESET researchers announced the findings publicly at RSA Conference 2020 on Wednesday. In the presentation, ESET described how an actor could decrypt wireless network packets by exploiting the serious flaw in Wi-Fi chipsets used in billions of devices, such as those made by Apple, Google and Samsung.
The ESET security team also released details in a new white paper “KrØØk – CVE-2019-15126: Serious vulnerability deep inside your Wi-Fi encryption” on the same day.
“This serious flaw, assigned CVE-2019-15126, causes vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication. In a successful attack, this allows an adversary to decrypt some wireless network packets transmitted by a vulnerable device,” ESET researchers noted in the white paper.
Kr00k impacts both the WPA2-Personal and WPA2-Enterprise protocols, with AES-CCMP encryption.
In addition, Kr00k traces its roots back to KRACK (Key Reinstallation Attacks), which was discovered in 2017. At that time, security researchers discovered serious weaknesses, amounting to a total breakdown, in WPA2, a security protocol used to protect Wi-Fi networks.
However, the ESET security experts said Kr00k is “fundamentally different” from KRACK. For instance, their research revealed that Kr00k was likely one of the possible causes behind the “reinstallation” of an all-zero encryption key (used to encrypt part of the user’s communication). This was observed in previous testing of KRACK attacks.
ESET has responsibly disclosed the Kr00k vulnerability to chip manufacturers Broadcom and Cypress. Furthermore, vendors should have patches available at the time of publication.
Cisco released a Medium severity security advisory and said it is investigating its product line to find which products may be impacted by Kr00k.