Codename “Krook” is related to a vulnerability CVE-2019-15126 as specified on the RSA 2020 conference held by ESET in San Francisco. This vulnerability affects WPA2 encrypted WiFi data transfer, allowing it to be fully decrypted. The issue was actually discovered by ESET in 2019 and according to their estimates it is affecting over a billion of all kinds of firewall products and routers.

Cisco Systems Inc. has been heavily focused on creating and providing patches for this vulnerability, while vendors and service providers are recommended to provide the necessary patches to their customer’s devices as they come out. If possible, it is recommended to make use of WPA3 protocols which is not affected by this vulnerability.

Since Cisco uses Broadcom hardware in their products, they are currently focused on providing solutions for devices using that specific platform, as there might be certain differences in handling the issue among other processing hardware. It has been made public knowledge that multiple types of devices designed by Cisco are affected by this vulnerability. Here is a shortlist of currently known affected devices:

IP Phones working on Android OS such as DX70, DX 80 and DX650 are currently under technical assessment to determine if these have been affected by “Kr00k” as well.

Source: ZDNet


Editor’s note: Hey there reader! This is an archived article which was published at the beginning of our journey, in case you want some fresh news, we would recommend a jump to our tech news section. In case you have trouble with any Cisco devices, we would recommend a look at our Guides, as well as troubleshooting tutorials. See you on the homepage!