Sunday, April 20, 2025
HomeCVE/vulnerabilityBlack Hat USA 2020: Dangerous Wi-Fi KrØØk Vulnerability Affected More wi-fi chipset...

Black Hat USA 2020: Dangerous Wi-Fi KrØØk Vulnerability Affected More wi-fi chipset Than Previously Disclosed

Published on

SIEM as a Service

Follow Us on Google News

The security researchers have recently detected that small Qualcomm and MediaTek Wi-Fi chips are vulnerable to the latest variants of the KrØØk data exposure vulnerability.

KrØØk is a quite dangerous vulnerability, and this vulnerability has now affected more Wi-Fi chipsets that allow unauthorized decryption of some WPA2-encrypted traffic. Initially, it was discovered in February and was named “CVE-2019-15126.” 

What is KrØØk?

KrØØk is a severe vulnerability that was initially discovered in Broadcom and Cypress Wi-Fi chips. Its main function is to enable unauthorized decryption of some WPA2-encrypted wireless network systems.

- Advertisement - Google News

The devices that are flawed dispatch these vulnerabilities after successful exploitation and the attackers do so by urging them to apply the all-zero session codes to encrypt a portion of the transferred network. 

These kinds of bugs are previously being installed in the 4-way handshake, and this unsatisfactory state happens on unprotected Broadcom and Cypress chips that follow a Wi-Fi squad.

The researchers claimed that before disclosing the flaw, they worked with the affected victims through a qualified disclosure method. And after consulting the affected victims, they came to know that there are also unsafe products, and they are using the deployed patches.

Microsoft Azure Sphere, Qualcomm, and MediaTek Wi-Fi-enabled devices are also vulnerable

Apart from Broadcom and Cypress Wi-Fi chips, the ESET researchers Robert Lipovsky, and Stefan Svorencik have found the new variants of KrØØk on the Wi-Fi chips of other popular brands like Qualcomm and MediaTek. The chips of these brands were used in many places, like vehicles, travel systems, watches, laptops, smartphones, routers, and many other devices.

This new vulnerability was named, CVE-2020-3702, which is set off by detachment and commenced to some unwanted disclosure of data by dispatching unencrypted data in the place of encrypted data; worked like the KrØØk vulnerability.

This vulnerability included the ASUS RT-AC52U router and the Microsoft Azure Sphere expansion kit. This kit uses the MT3620 microcontroller, which are specifically used in the smart home, commercial, and industrial clarifications.

 Overview of KrØØk

Moreover, experts have also tested the D-Link DCH-G020 Smart Home Hub and the Czech Turris Omnia, but here the problem also involved other unpaid hardware as well. Apart from this, Qualcomm has already released a fix for its affected driver in July. 

Experts also included that there might be any other unpatched devices utilizing the vulnerable Qualcomm chipsets. But, in some cases, some devices do not use proprietary software; instead, they use open-source software like Linux-based; just as the upstream “ath9k” driver. 

The researchers affirmed that they would publish the script they are using to examine whether the devices are vulnerable to KrØØk or not. They also added tests for the newer variants and concluded by asserting that the script can be utilized by anyone to verify the exposure.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Latest articles

10 Best Patch Management Tools 2025

In today's digital landscape, maintaining secure and efficient IT systems is critical for organizations....

10 Best Cloud Security Solutions 2025

In today’s digital era, businesses are increasingly adopting cloud computing to store data, run...

Chinese Hackers Exploit Ivanti Connect Secure Flaw to Gain Unauthorized Access

In a sophisticated cyber-espionage operation, a group known as UNC5221, suspected to have China-nexus,...

New Android SuperCard X Malware Uses NFC-Relay Technique for POS & ATM Transactions

A new malware strain known as SuperCard X has emerged, utilizing an innovative Near-Field...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Critical AnythingLLM Vulnerability Exposes Systems to Remote Code Execution

A critical security flaw (CVE-2024-13059) in the open-source AI framework AnythingLLM has raised alarms across cybersecurity...

PoC Released for Linux Kernel Vulnerability Allowing Privilege Escalation

A security vulnerability, tracked as CVE-2024-53141, has recently come to light in the Linux kernel's...

Bubble.io 0-Day Flaw Lets Attackers Run Arbitrary Queries on Elasticsearch

A vulnerability in Bubble.io, a leading no-code development platform, has exposed thousands of applications...