Bruce SchneierSCHNEIER:B6B87E61CED96ACFAF94DA5C82D0F8A4

HistoryMar 03, 2020 - 12:43 p.m.

Wi-Fi Chip Vulnerability

2020-03-0312:43:15

Bruce Schneier

www.schneier.com

There’s a vulnerability in Wi-Fi hardware that breaks the encryption:

> The vulnerability exists in Wi-Fi chips made by Cypress Semiconductor and Broadcom, the latter a chipmaker Cypress acquired in 2016. The affected devices include iPhones, iPads, Macs, Amazon Echos and Kindles, Android devices, and Wi-Fi routers from Asus and Huawei, as well as the Raspberry Pi 3. Eset, the security company that discovered the vulnerability, said the flaw primarily affects Cypress’ and Broadcom’s FullMAC WLAN chips, which are used in billions of devices. Eset has named the vulnerability Kr00k, and it is tracked as CVE-2019-15126.
>
> Manufacturers have made patches available for most or all of the affected devices, but it’s not clear how many devices have installed the patches. Of greatest concern are vulnerable wireless routers, which often go unpatched indefinitely.

That’s the real problem. Many of these devices won’t get patched – ever.

fortinet 1

ics 1

openvas 16

thn 1

githubexploit 4

hp 1

suse 2

mageia 2

trendmicroblog 1

packetstorm 1

huawei 1

threatpost 1

exploitpack 1

kitploit 1

cisco 1

zdt 1

kaspersky 1

mscve 1

exploitdb 1

cve 1

nessus 13

prion 1

redhatcve 1

attackerkb 1

avleonov 1

apple 6

rapid7blog 1

fortinet

Kr00k vulnerability (CVE-2019-15126) in Broadcom and Cypress Wi-Fi chips

2020-12-01 00:00:00

ics

Siemens SIMATIC, SIMOTICS (Update A)

2020-12-08 12:00:00

openvas

Huawei Data Communication: Information Disclosure Vulnerability (huawei-sa-20200527-01-wifi-en, Kr00k)

2023-02-01 00:00:00

SUSE: Security Advisory (SUSE-SU-2021:4201-1)

2022-01-01 00:00:00

openSUSE: Security Advisory for kernel-firmware (openSUSE-SU-2021:1648-1)

2022-02-01 00:00:00

thn

New Wi-Fi Encryption Vulnerability Affects Over A Billion Devices

2020-02-26 18:15:00

githubexploit

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apple Ipados

2020-03-18 16:25:28

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apple Ipados

2020-03-13 14:53:54

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apple Ipados

2020-03-09 11:15:08

HPSBPI03687 rev. 3 - Certain HP LaserJet Printer and MFP Products and JetDirect Print Server Products - Information Disclosure

2020-09-15 00:00:00

suse

Security update for kernel-firmware (low)

2021-12-31 00:00:00

Security update for the Linux Kernel (critical)

2022-02-10 00:00:00

mageia

Updated nonfree firmware packages fix security vulnerability

2021-03-04 15:26:19

Updated nonfree firmware packages fix security vulnerability

2021-03-04 15:26:19

trendmicroblog

This Week in Security News: Trend Micro Detects a 10 Percent Rise in Ransomware in 2019 and New Wi-Fi Encryption Vulnerability Affects Over a Billion Devices

2020-02-28 13:56:27

packetstorm

Broadcom Wi-Fi KR00K Proof Of Concept

2020-03-19 00:00:00

huawei

Security Advisory - Kr00k Vulnerability in Broadcom Wi-Fi chips

2020-05-27 00:00:00

threatpost

Billions of Devices Open to Wi-Fi Eavesdropping Attacks

2020-02-27 04:07:18

exploitpack

Broadcom Wi-Fi Devices - KR00K Information Disclosure

2020-03-18 00:00:00

kitploit

R00Kie-Kr00Kie - PoC Exploit For The CVE-2019-15126 Kr00K Vulnerability

2020-03-30 20:30:00

cisco

Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability

2020-02-27 00:00:00

zdt

Broadcom Wi-Fi Devices - (KR00K) Information Disclosure Exploit

2020-03-19 00:00:00

kaspersky

KLA20228 OSI vulnerability in Microsoft Device

2023-02-14 00:00:00

mscve

MITRE: CVE-2019-15126 Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device

2023-02-14 08:00:00

exploitdb

Broadcom Wi-Fi Devices - 'KR00K Information Disclosure

2020-03-18 00:00:00

cve

CVE-2019-15126

2020-02-05 17:15:00

nessus

SUSE SLES12 Security Update : kernel-firmware (SUSE-SU-2021:4200-1)

2021-12-31 00:00:00

SUSE SLES12 Security Update : bcm43xx-firmware (SUSE-SU-2021:4003-1)

2021-12-14 00:00:00

SUSE SLED15 / SLES15 Security Update : kernel-firmware (SUSE-SU-2021:4201-1)

2021-12-31 00:00:00

prion

Information disclosure

2020-02-05 17:15:00

redhatcve

CVE-2019-15126

2020-03-06 16:40:50

attackerkb

CVE-2019-15126 aka Kr00k

2020-02-05 00:00:00

avleonov

Microsoft Patch Tuesday February 2023: Win Graphics RCE, Edge RCE, Publisher SFB, CLFS EoP, Exchange RCEs, Word RCE, HoloLens1

2023-02-26 16:37:52

apple

About the security content of iOS 13.2 and iPadOS 13.2 - Apple Support

2020-04-05 02:40:44

About the security content of iOS 13.2 and iPadOS 13.2

2019-10-28 00:00:00

About the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006

2019-10-29 00:00:00

rapid7blog

Patch Tuesday - February 2023

2023-02-15 00:41:59

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

JSON

Related for SCHNEIER:B6B87E61CED96ACFAF94DA5C82D0F8A4