CVE-2019-15126
CVE-2019-15126
An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 5
githubgithub.com/hexway/r00kie-kr00kie★ 224githubgithub.com/akabe1/kr00ker★ 66githubgithub.com/0x13enny/kr00k★ 12exploitdbwww.exploit-db.com/exploits/48233não verificadocve_referencepacketstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.htmlnão verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://packetstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.htmlhttps://cert-portal.siemens.com/productcert/pdf/ssa-712518.pdfhttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0001https://support.apple.com/kb/HT210721https://support.apple.com/kb/HT210722https://support.apple.com/kb/HT210788https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosurehttps://us-cert.cisa.gov/ics/advisories/icsa-20-224-05https://www.mist.com/documentation/mist-security-advisory-kr00k-attack-faq/https://www.synology.com/security/advisory/Synology_SA_20_03http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-003.txthttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-wifi-en