Loading AI tools
Security vulnerability affecting WiFi traffic From Wikipedia, the free encyclopedia
Kr00k (also written as KrØØk) is a security vulnerability that allows some WPA2 encrypted WiFi traffic to be decrypted.[1] The vulnerability was originally discovered by security company ESET in 2019 and assigned CVE-2019-15126 on August 17th, 2019.[2] ESET estimates that this vulnerability affects over a billion devices.[3]
CVE identifier(s) | CVE-2019-15126 |
---|---|
Date discovered | 2019 |
Discoverer | ESET |
Affected hardware | Many devices with Broadcom and Cypress Semiconductor Wi-Fi chips including smartphones, tablets and single-board computers |
Website | https://www.eset.com/int/kr00k/ |
Kr00k was discovered by ESET Experimental Research and Detection Team, most prominently ESET security researcher Miloš Čermák.[1]
It was named Kr00k by Robert Lipovský and Štefan Svorenčík. It was discovered when trying variations of the KRACK attack.[4]
Initially found in chips made by Broadcom and Cypress, similar vulnerabilities have been found in other implementations, including those by Qualcomm and MediaTek.[5][6]
The vulnerability is known to be patched in:
During their research, ESET confirmed over a dozen popular devices were vulnerable.[3]
Cisco has found several of their devices to be vulnerable and are working on patches.[7] They are tracking the issue with advisory id cisco-sa-20200226-wi-fi-info-disclosure.[8]
Known vulnerable devices include:
Seamless Wikipedia browsing. On steroids.
Every time you click a link to Wikipedia, Wiktionary or Wikiquote in your browser's search results, it will show the modern Wikiwand interface.
Wikiwand extension is a five stars, simple, with minimum permission required to keep your browsing private, safe and transparent.