Black Hat USA 2020: Dangerous Wi-Fi KrOOk Vulnerability Affected More Wi-Fi Chipset Than Previously Disclosed
August 10, 2020

Security researchers have recently found that small Qualcomm and MediaTek Wi-Fi chips are vulnerable to the latest variants of the KrOOk data exposure vulnerability.

KrOOk is a dangerous vulnerability that allows unauthorized decryption of some WPA2-encrypted traffic, and it is now known to affect more Wi-Fi chipsets than previously disclosed. It was initially disclosed in February and is tracked as CVE-2019-15126.

What is KrOOk?

KrOOk is a severe vulnerability that was initially discovered in Broadcom and Cypress Wi-Fi chips. It allows unauthorized decryption of some WPA2-encrypted wireless network traffic.

After successful exploitation, flawed devices expose data: attackers force them to use an all-zero session key to encrypt a portion of the transmitted traffic.

The session key is normally established in the 4-way handshake, and this undesirable state occurs on vulnerable Broadcom and Cypress chips following a Wi-Fi disassociation.

The researchers said that before disclosing the flaw, they worked with the affected parties through a responsible disclosure process. After that consultation, they learned that other products were also vulnerable, and patches have since been deployed for them.

Microsoft Azure Sphere, Qualcomm, and MediaTek Wi-Fi-enabled devices are also vulnerable

Apart from Broadcom and Cypress Wi-Fi chips, ESET researchers Robert Lipovsky and Stefan Svorencik have found new variants of KrOOk in Wi-Fi chips from other popular brands, namely Qualcomm and MediaTek. Chips from these brands are used in many kinds of devices, such as vehicles, travel systems, watches, laptops, smartphones, and routers.

The new vulnerability, CVE-2020-3702, is triggered by a disassociation and leads to unwanted disclosure of data because the chip transmits unencrypted data in place of encrypted data, much like the KrOOk vulnerability.

Affected devices include the ASUS RT-AC52U router and the Microsoft Azure Sphere expansion kit. This kit uses the MT3620 microcontroller, which is used specifically in smart home, commercial, and industrial applications.

Overview of KrOOk

The experts also tested the D-Link DCH-G020 Smart Home Hub and the Czech Turris Omnia, but the problem involves other unpatched hardware as well. Qualcomm released a fix for its affected driver in July.

The experts added that there may be other unpatched devices using the vulnerable Qualcomm chipsets. In some cases, devices do not use proprietary software but open-source Linux drivers instead, such as the upstream “ath9k” driver.

The researchers said they would publish the script they use to check whether devices are vulnerable to KrOOk. They have also added tests for the newer variants and said that anyone can use the script to verify their exposure.

This post Black Hat USA 2020: Dangerous Wi-Fi KrOOk Vulnerability Affected More Wi-Fi Chipset Than Previously Disclosed originally appeared on GB Hackers.