Security News > 2020 > February > Cisco to Release Updates for Wireless Products Affected by Kr00k Vulnerability
Cisco says it will release patches for wireless devices affected by the recently disclosed Wi-Fi chip vulnerability named Kr00k.
Cybersecurity firm ESET revealed on Wednesday that over one billion Wi-Fi-capable devices were at one point affected by a vulnerability that can allow hackers to obtain potentially sensitive information from wireless communications.
The security hole causes devices using these chips to encrypt part of a user's communications with a static and weak key, allowing an attacker to decrypt some of the wireless network packets transmitted by affected devices.
In an advisory published on Thursday, Cisco said some of its products are also affected by the vulnerability, which it has described as a medium-severity information disclosure issue.
The Kr00k vulnerability can be triggered following a disassociation, which occurs when a device is disconnected from a Wi-Fi network due to signal interference, switching access points, or disabling of the Wi-Fi feature on the device.
News URL
Related news
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack (source)
- Cisco scores a perfect CVSS 10 with critical flaw in its wireless system (source)