lswcap
Wi-Fi, which is widely used in smartphones and laptops, realizes secure communication by encrypting communication using WPA2, one of the security protocols. However, it is said that ESET, a security company, has discovered a new vulnerability that blocks communication to terminals using Wi-Fi. It is estimated that there will be more than 1 billion Xyres affected by this vulnerability.
Called Kr00k, the vulnerability is due to a bug in the Broadcom and Cypress Wi-Fi chips. These two companies are the most common Wi-Fi chip makers and are installed in Apple products such as iPhone, as well as Amazon and Wi-Fi routers. Usually, Wi-Fi terminals encrypt communication through key encryption generated by encryption algorithms such as AES from Wi-Fi encryption. However, in the case of a Wi-Fi device equipped with a Broadcom and Cypress chip, when the Wi-Fi communication strength is weak, the key value is reset to 0 in the process of disassociation. In addition, this vulnerability is that the key value remains in the data frame buffer memory where encryption is performed between zeros and is transmitted as it is.
Wi-Fi truncation, the origin of this vulnerability, can be caused by using a data frame for management, and this frame does not require encryption. As long as the device’s Wi-Fi is within physical reach, an attacker can hijack the frame causing the truncation in time and decrypt the frame to view the frame contents.
The devices that ESET tested and actually verified for vulnerabilities are Amazon Echo 2nd generation, Kindle 8th generation, Apple iPad mini 2 and iPhone 6(s), 8, XR, MacBook Air Renita 13-inch 2018, Google Nexus 5 and 6 ( S), Raspberry Pi 3, Samsung Galaxy S4 GTI9505 and S8. Xiaomi Redmi 3S, Asus RT-N12, Huawei B612S-25d, Eco Life HG8245H, E5577Cs-321, etc.
Unlike KRACK, another vulnerability related to WPA2, Kr00k cannot ignore secure communication such as HTTPS. In addition, using WPA3, a Wi-Fi security standard that has replaced WPA2, is not affected by the vulnerability.
ESET discovered this vulnerability and urged Wi-Fi chip makers and device makers to recognize it, and Apple is said to be fixing the vulnerability through an operating system update. Related information can be found here .
Add comment