Yesterday, researchers disclosed a new high-severity vulnerability called Kr00k that could let an attacker intercept and decrypt some Wi-Fi traffic on WPA2 connections. The vulnerability resides in Wi-Fi chips from Broadcom and Cypress that are used in smartphones, tablets, laptops, routers, and IoT gadgets. According to a rough estimate, about a billion devices are vulnerable.
The vulnerability is tracked as CVE-2019-15126, and the attacker does not need to be connected to the victim’s wireless network.
“Our tests confirmed some client devices by Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3), Xiaomi (RedMi), as well as some access points by Asus and Huawei, were vulnerable to Kr00k,” ESET researchers said.
ESET researchers published full details of the bug and the exploit on Wednesday.
However, the vulnerability does not let an attacker connect to the Wi-Fi network.
Even an attacker who has successfully exploited the flaw cannot obtain sensitive information sent over HTTPS connections.
“Besides this, since the flaw also affects chips embedded in many wireless routers, the issue also makes it possible for attackers to intercept and decrypt network traffic transmitted from connected devices that are not vulnerable to Kr00k, either patched or using different Wi-Fi chips,” The Hacker News said.
ESET researchers reported the flaw to both manufacturers, and both have released a patch for this vulnerability.
“Attackers can force devices into a prolonged disassociated state, receive WiFi packets meant for the attacked device, and then use the Kr00k bug to decrypt WiFi traffic using the all-zero key,” ESET researchers said.
However, the bug does not let an attacker fully compromise a Wi-Fi network: if the user is using encryption such as HTTPS, Tor, or a proxy, the traffic remains encrypted even after the bug is exploited.
Patches have been released by the chip manufacturers, and ESET has notified the companies possibly affected by the bug so that they can develop a patch.