Security researchers from ESET disclosed a new high-severity hardware vulnerability in Wi-Fi chips manufactured by Broadcom and Cypress and currently implemented in various devices, including smartphones, tablets, laptops, routers, and IoT gadgets. The flaw, dubbed “Kr00k” and tracked as CVE-2019-15126, causes vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication and allows an attacker to decrypt some wireless network packets transmitted by a vulnerable device. The researchers estimate that over a billion devices are affected.
The Kr00k flaw affects both WPA2-Personal and WPA2-Enterprise protocols using AES-CCMP encryption for data integrity and confidentiality, but modern devices using WPA3 protocol are not impacted, the researchers said.
According to the firm, Kr00k is somewhat related to KRACK (Key Reinstallation Attacks) discovered in 2017, and may be one of the possible causes behind the “reinstallation” of an all-zero encryption key, observed in tests for KRACK attacks.
Whenever a device connects to an access point (AP), that is called an association. When it disconnects (because a client roams from one Wi-Fi access point to another, because of signal interference, or simply because a user turns off Wi-Fi on their device), that is called a disassociation. Associations and disassociations are governed by management frames, which are unauthenticated and unencrypted, so an attacker can trigger a disassociation at will by forging a management frame.
“Kr00k manifests itself after a disassociation. Once a station’s WLAN session gets disassociated, the session key (TK) stored in the Wireless Network Interface Controller’s (WNIC) Wi-Fi chip is cleared in memory – set to zero,” ESET explained.
While typically no further data is supposed to be transmitted after the disassociation, the researchers found that the chip inadvertently transmits all data frames left in the buffer with an all-zero encryption key even after the disassociation. An attacker can capture and decrypt these data frames.
“As a result, the adversary can capture more network packets containing potentially sensitive data, including DNS, ARP, ICMP, HTTP, TCP, and TLS packets – similar to what they would see on an open WLAN network without WPA2. (Of course, TLS provides another layer of encryption, which is not affected by this attack.)” ESET said.
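The following Python model is an added illustration of the key-handling bug described above; it is not ESET's code, not Broadcom or Cypress firmware, and it uses a toy cipher (a SHAKE-128 keystream plus a truncated HMAC tag) as a stand-in for AES-CCMP, since the point is what happens to the session key, not the cipher itself. The `WnicModel` class, the `protect`/`unprotect` helpers and the sample payloads are all constructed for this example. It contrasts a chip that flushes its transmit buffer after clearing the TK (the Kr00k behaviour) with one that discards the buffer, and includes an audit helper that counts how many captured frames verify under the all-zero key.

```python
"""Model of the Kr00k failure mode: a Wi-Fi chip clears its session key (TK) on
disassociation but still flushes queued data frames, so they leave the radio
protected under an all-zero key.  Toy cipher, constructed for illustration; not CCMP."""
import hashlib
import hmac

ZERO_TK = bytes(16)   # what the TK becomes in chip memory after disassociation
TAG_LEN = 8           # CCMP's MIC is also 8 bytes


def _keystream(tk: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in for AES-CTR: SHAKE-128(tk || nonce) stretched to n bytes.
    return hashlib.shake_128(tk + nonce).digest(n)


def protect(tk: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC one data frame under tk (toy version of CCMP protection)."""
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(tk, nonce, len(plaintext))))
    tag = hmac.new(tk, nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    return ct + tag


def unprotect(tk: bytes, nonce: bytes, frame: bytes):
    """Return the plaintext if the frame verifies under tk, else None."""
    ct, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(tk, nonce + ct, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(tk, nonce, len(ct))))


class WnicModel:
    """Hypothetical wireless NIC: holds the TK, a transmit queue and an 'air' capture."""

    def __init__(self, tk: bytes, flush_after_disassoc: bool):
        self._tk = tk
        self._pn = 0                    # packet number used as the nonce
        self._tx_queue = []
        self.flush_after_disassoc = flush_after_disassoc   # True models vulnerable firmware
        self.air = []                   # (nonce, frame) pairs anyone in range can capture

    def queue(self, payload: bytes) -> None:
        self._tx_queue.append(payload)

    def transmit_queued(self) -> None:
        while self._tx_queue:
            self._pn += 1
            nonce = self._pn.to_bytes(6, "big")
            self.air.append((nonce, protect(self._tk, nonce, self._tx_queue.pop(0))))

    def disassociate(self) -> None:
        self._tk = ZERO_TK              # session key cleared, as the chips do
        if self.flush_after_disassoc:
            self.transmit_queued()      # Kr00k: leftover frames go out under the zero key
        else:
            self._tx_queue.clear()      # corrected behaviour: drop pending frames instead


def frames_exposed_under_zero_key(air):
    """Audit helper: plaintexts of every captured frame that verifies under the all-zero TK."""
    exposed = []
    for nonce, frame in air:
        pt = unprotect(ZERO_TK, nonce, frame)
        if pt is not None:
            exposed.append(pt)
    return exposed


def demo(flush_after_disassoc: bool):
    """Run one association lifecycle and report what the zero-key audit finds."""
    tk = hashlib.sha256(b"constructed session key").digest()[:16]
    chip = WnicModel(tk, flush_after_disassoc)
    chip.queue(b"GET /index.html HTTP/1.1")       # sent normally under the real TK
    chip.transmit_queued()
    chip.queue(b"DNS query: example.com")          # still buffered when the
    chip.queue(b"ARP who-has 192.0.2.1")           # disassociation arrives
    chip.disassociate()
    return frames_exposed_under_zero_key(chip.air)


if __name__ == "__main__":
    print("vulnerable firmware exposes:", demo(True))
    print("patched firmware exposes:   ", demo(False))
```

The frame sent while the real TK was loaded never verifies under the zero key, so the audit only flags the frames flushed after disassociation; with the corrected firmware the list is empty. The same idea, applied to real CCMP frames, is how a defender can test whether a device's firmware fix actually took effect.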
Prior to patching, ESET found that the following devices were vulnerable to Kr00k:
· Amazon Echo 2nd gen
· Amazon Kindle 8th gen
· Apple iPad mini 2
· Apple iPhone 6, 6S, 8, XR
· Apple MacBook Air Retina 13-inch 2018
· Google Nexus 5
· Google Nexus 6
· Google Nexus 6S
· Raspberry Pi 3
· Samsung Galaxy S4 GT-I9505
· Samsung Galaxy S8
· Xiaomi Redmi 3S
· Asus RT-N12
· Huawei B612S-25d
· Huawei EchoLife HG8245H
· Huawei E5577Cs-321
The researchers said that they tested Wi-Fi chips from Qualcomm, Realtek, Ralink, and Mediatek, but found them to be unaffected by this vulnerability.
The flaw was disclosed responsibly to Broadcom and Cypress, who released a firmware fix to vendors. ESET also alerted the Industry Consortium for Advancement of Security on the Internet (ICASI) to the issue to ensure that the Kr00k vulnerability would be disclosed to other device manufacturers using the vulnerable chips, and to other chip manufacturers.