Cisco is working on a set of patches to address a recently-disclosed vulnerability that can be exploited to intercept Wi-Fi network traffic.
The vulnerability, tracked as CVE-2019-15126, has been nicknamed "Kr00k" and was disclosed at the RSA 2020 security conference in San Francisco by ESET researchers on Wednesday.
Kr00k is a vulnerability that permits attackers to force Wi-Fi systems into disassociative states, granting the opportunity to decrypt packets sent over WPA2 Personal/Enterprise Wi-Fi channels.
All Wi-Fi enabled devices operating on Broadcom or Cypress Wi-Fi chipsets are impacted. ESET has pegged the number of vulnerable devices at over a billion as a "conservative" estimate.
Patches are being applied by vendors that use these chipsets and it is also possible to mitigate attacks by using the newer WPA3 protocol.
Cisco is currently examining how widespread Kr00k vulnerability is within its products, as a user of Broadcom chips.
The tech giant said on Thursday that "Cisco is investigating its product line to determine which products may be affected by this vulnerability," but preliminary investigations have shown that "multiple" devices are impacted.
According to Cisco, a range of grid and Power over Ethernet (PoE) routers, firewall products, IP phones, and access point systems are affected by Kr00k, as detailed below:
Cisco is currently investigating the susceptibility of Cisco DX70, DX80, and DX650 IP phones that are operating on Android firmware, as well as the Cisco IP Phone 8861.
The company has not yet developed patches to resolve the security flaw in the known, impacted software, but says that fixes are incoming.
On Wednesday, Cisco announced a slew of new software and hardware solutions for 5G infrastructure. The Cloud Services stacks for mobility, residential and content delivery offerings are designed to boost 4G and 5G networking services, content streaming, and networking at the edge.
Previous and related coverage
- Cisco rolls out new cloud software and hardware for mobile networks
- Cisco unveils SecureX cloud platform for improved security visibility
- New Kr00k vulnerability lets attackers decrypt WiFi packets
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0