Kr00k
Kr00k is a security vulnerability that allows some WPA2 encrypted WiFi traffic to be decrypted. The vulnerability was originally discovered by security company ESET in 2019 and assigned on August 17th, 2019. ESET estimates that this vulnerability affects over a billion devices.
Discovery
Kr00k was discovered by the ESET Experimental Research and Detection Team, most prominently ESET security researcher Miloš Čermák. It was named Kr00k by Robert Lipovský and Štefan Svorenčík. It was discovered when trying variations of the KRACK attack.
Initially found in chips made by Broadcom and Cypress, similar vulnerabilities have been found in other implementations, including those by Qualcomm and MediaTek.
Patches
The vulnerability is known to be patched in:
- iOS 13.2 and iPadOS 13.2 - October 28th, 2019
- macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006 - October 29th, 2019
Vulnerable devices
Cisco has found several of its devices to be vulnerable and is working on patches. It is tracking the issue under advisory ID cisco-sa-20200226-wi-fi-info-disclosure.
Known vulnerable devices include:
- Amazon Echo 2nd gen
- Amazon Kindle 8th gen
- Apple iPad mini 2
- Apple iPhone 6, 6S, 8, XR
- Apple MacBook Air Retina 13-inch 2018
- Asus wireless routers (fixed in firmware version 3.0.0.4.382.5161220 during March 2020)
- Google Nexus 5
- Google Nexus 6
- Google Nexus 6P
- Raspberry Pi 3
- Samsung Galaxy S4
- Samsung Galaxy S8
- Xiaomi Redmi 3S