Cisco to Patch the Recent Disclosed Vulnerability of Krook Routes

Cisco is working on a number of updates to patch a vulnerability recently revealed which can be used to intercept network Wi-Fi traffic.The CVE-2019-15126 vulnerability was nicknamed "Kr00k," and ESET researchers reported on Wednesday during the RSA 2020 security conference at San Francisco. Kr00k is an attacker vulnerability that enables Wi-fi to be forced to decrypt packets sent via WPA2 Personal / Enterprise Wi-Fi channels in an unassociative state. All devices running Wi-Fi are affected by Broadcom or Cypress Wi-Fi chipsets. As a "rational" calculation, ESET has tied the number of vulnerable devices to over a billion. Vendors that use these chipsets apply patches, and attacks can also be mitigated with the newer WPA3 protocol. As a customer of Broadcom chips, Cisco is currently investigating how the rising insecurity of Kr00k is among its products. On Thursday, the tech giant said, "Cisco is reviewing its product line for which products this vulnerability may impact," but preliminary research indicates that "many" devices are affected. According to Cisco, Kr00k is affected by a range of grid and Power over Ethernet (PoE). As detailed below, it also includes:
The susceptibility of Cisco DX70, DX80, and IP devices operating on Android firms, and the Cisco IP Phone 8861, is currently being investigated by Cisco. The company does not have patches yet developed to fix the safety deficiency of the known, affected program, but says changes are in progress.
Previous Post Next Post