KrØØk: Serious vulnerability affected encryption of billion+ Wi‑Fi devices

ESET researchers uncover a previously unknown security flaw allowing an adversary to decrypt some wireless network packets transmitted by vulnerable devices

ESET Research has published its latest white paper, KrØØk – CVE-2019-15126: Serious vulnerability deep inside your Wi-Fi encryption. This blogpost summarizes that white paper, authored by researchers Miloš Čermák, Robert Lipovský and Štefan Svorenčík. For updated information regarding patches by individual vendors, readers can also refer to our dedicated webpage.

ESET researchers discovered a previously unknown vulnerability in Wi-Fi chips and named it KrØØk. This serious flaw, assigned CVE-2019-15126, causes vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication. In a successful attack, this allows an adversary to decrypt some wireless network packets transmitted by a vulnerable device.

KrØØk affects devices with Wi-Fi chips by Broadcom and Cypress that haven’t yet been patched. These are the most common Wi-Fi chips used in contemporary Wi-Fi capable devices such as smartphones, tablets, laptops, and IoT gadgets.

KrØØk – CVE‑2019‑15126: Serious vulnerability deep inside your Wi‑Fi encryptionDownload Research Paper

Not only client devices but also Wi-Fi access points and routers with Broadcom chips were affected by the vulnerability, thus making many environments with unaffected or already patched client devices vulnerable anyway.

Our tests confirmed that prior to patching, some client devices by Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3), Xiaomi (RedMi), as well as some access points by Asus and Huawei, were vulnerable to KrØØk. This totaled to over a billion Wi-Fi-capable devices and access points, at a conservative estimate. Further, many other vendors whose products we did not test also use the affected chipsets in their devices.

The vulnerability affects both WPA2-Personal and WPA2-Enterprise protocols, with AES-CCMP encryption.

KrØØk is related to KRACK (Key Reinstallation Attacks), discovered in 2017 by Mathy Vanhoef, but also fundamentally different. In the beginning of our research, we found KrØØk to be one of the possible causes behind the “reinstallation” of an all-zero encryption key, observed in tests for KRACK attacks. This followed our previous findings that Amazon Echo was vulnerable to KRACK.

We responsibly disclosed the vulnerability to chip manufacturers Broadcom and Cypress, who subsequently released updates during an extended disclosure period. We also worked with the Industry Consortium for Advancement of Security on the Internet (ICASI) to ensure that all potentially affected parties – including affected device manufacturers using the vulnerable chips, as well as any other possibly affected chip manufacturers – were aware of KrØØk.

According to our information, patches for devices by major manufacturers have been released by now. To protect yourself, as a user, make sure you have applied the latest available updates to your Wi-Fi-capable devices, including phones, tablets, laptops, IoT devices, and Wi-Fi access points and routers. As a device manufacturer, please inquire about patches for the KrØØk vulnerability directly with your chip manufacturer.

These findings were presented publicly for the first time at the RSA Conference 2020.

Special thanks to our colleagues Juraj Bartko and Martin Kaluznik, who greatly contributed to this research. We’d also like to commend Amazon, Broadcom, and Cypress for their good cooperation on dealing with the reported issues and ICASI for their assistance in informing as many of the impacted vendors as possible.