Skip to main content

Cisco working on fix for Kr00k Wi-Fi flaw

(Image credit: Image Credit: Leolintang / Shutterstock)

Cisco has announced it is working on a patch for multiple products affected by the recently discovered Kr00k vulnerability.

The flaw - found in Wi-Fi chips from Broadcom and Cypress - can be harnessed by an attacker to decrypt data frames captured from a nearby device, without need for network security keys.

Also known as CVE-2019-1526, the vulnerability is brought about when an affected device disconnects from its access point - an event that can be forced by an attacker via a deauthentication attack.

At this point, the key that secures Wi-Fi communication is nullified and the attacker can extract potentially sensitive information. The greater the number of deauthentication events an attacker can trigger, the greater their chances of intercepting valuable information.

According to a report from Bleeping Computer, Kr00k affects at least 14 Cisco products, ranging from routers and firewalls to unified communications devices. The products so far identified as vulnerable target both enterprises and small businesses.

Security researchers at ESET, the firm responsible for Kr00k’s discovery, estimate more than one billion vulnerable devices are in circulation, including products from high-profile players such as Apple, Amazon, Google, Samsung and Huawei.

Cisco warns the issue cannot be addressed via a workaround and a patch is the only reliable solution.