Cisco patches incoming to address Kr00k vulnerability impacting routers, firewall products

There are no workarounds for the Wi-Fi communications bug.

Cisco's SSM On-Prem has a 9.8/10 severity flaw, patch now

Cisco is working on a set of patches to address a recently-disclosed vulnerability that can be exploited to intercept Wi-Fi network traffic. 

The vulnerability, tracked as CVE-2019-15126, has been nicknamed "Kr00k" and was disclosed at the RSA 2020 security conference in San Francisco by ESET researchers on Wednesday. 

Kr00k is a vulnerability that permits attackers to force Wi-Fi systems into disassociative states, granting the opportunity to decrypt packets sent over WPA2 Personal/Enterprise Wi-Fi channels. 

See also: Cisco critical bugs: Nexus data center switch software needs patching now

All Wi-Fi enabled devices operating on Broadcom or Cypress Wi-Fi chipsets are impacted. ESET has pegged the number of vulnerable devices at over a billion as a "conservative" estimate. 

Patches are being applied by vendors that use these chipsets and it is also possible to mitigate attacks by using the newer WPA3 protocol. 

Cisco is currently examining how widespread Kr00k vulnerability is within its products, as a user of Broadcom chips. 

The tech giant said on Thursday that "Cisco is investigating its product line to determine which products may be affected by this vulnerability," but preliminary investigations have shown that "multiple" devices are impacted. 

CNET: iBaby monitor vulnerable to hacking

According to Cisco, a range of grid and Power over Ethernet (PoE) routers, firewall products, IP phones, and access point systems are affected by Kr00k, as detailed below:

screenshot-2020-02-27-at-13-09-23.png

Cisco is currently investigating the susceptibility of Cisco DX70, DX80, and DX650 IP phones that are operating on Android firmware, as well as the Cisco IP Phone 8861. 

The company has not yet developed patches to resolve the security flaw in the known, impacted software, but says that fixes are incoming. 

TechRepublic: RSA president: Hackers have broken into our brains and created the wrong security story

On Wednesday, Cisco announced a slew of new software and hardware solutions for 5G infrastructure. The Cloud Services stacks for mobility, residential and content delivery offerings are designed to boost 4G and 5G networking services, content streaming, and networking at the edge.

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0