Researchers at the RSA security conference have revealed that billions of people could be at the risk of eavesdropping due to a vulnerability that has been discovered in the Wi-Fi chips made by Cypress Semiconductor and Broadcom. Wi-Fi chips from these companies are found in millions of devices worldwide including iPhones, Macs, Amazon Echos, and more.
The vulnerability has been discovered by Eset and has been named Kr00k. The flaw is primarily found in FullMAC WLAN chips from Cypress and Broadcom. Below is how Ars has explained the vulnerability:
Kr00k exploits a weakness that occurs when wireless devices disassociate from a wireless access point. If either the end-user device or the access point is vulnerable, it will put any unsent data frames into a transmit buffer and then send them over the air. Rather than encrypt this data with the session key negotiated earlier and used during the normal connection, vulnerable devices use a key consisting of all zeros, a move that makes decryption trivial.
Eset found in its testing that Apple products like the iPad mini 2, iPhone 6, iPhone 6s, iPhone XR, MacBook Air (2018) were all vulnerable to this exploit. The good thing is that Apple has patched the exploit with the iOS 13.2 and the macOS 10.15.1 update that was released back in October. Amazon has also updated its devices with security patches for the vulnerability. Other OEMs, however, are yet to make it clear whether they have patched this vulnerability or not in their devices.
The exploit was not found in Wi-Fi chips from other companies like Qualcomm, Realtek, MediaTek, and others. It is important to note that the real-world threat of this exploit is not as severe because most sensitive data and communication are encrypted nowadays. This greatly limits a hacker’s ability to steal important data from your device using the Kr00k exploit.[Via Ars Technica]