For reference purposes, the KRACKattack discovered by Belgian researchers Mathy Vanhoef and Frank Piessens in 2017 has a medium security risk severity score of 6.8Įven though Kr00k is a low-risk vulnerability, rest assured that Extreme Networks and our peers in the industry take this risk very seriously. As you can see in Figure 1, the CVSS score of 3.1 for Kr00K is considered low. CVSS assigns severity scores to vulnerabilities, which helps responders prioritize responses to security threats. The Common Vulnerability Scoring System (CVSS) is a free and open industry standard for assessing the severity of computer system security vulnerabilities. Now the good news, this vulnerability is low-risk, and there is no reason to panic because simple firmware patches will address the problem. Additionally, this vulnerability affects the radios in many access points, including some models of Extreme APs that use a Broadcom chipset. Kr00k – formally known as CVE-2019-15126 – is a vulnerability in Broadcom and Cypress Wi-Fi radio chips that allow unauthorized decryption of some WPA2-encrypted traffic.įirst, the bad news, this vulnerability affects all unpatched devices that use these chipsets, and it literally affects billion of Wi-Fi client devices, including Amazon Echos and Kindles, Apple iPhones and iPads, Samsung Galaxy devices and many more. At the RSA 2020 security conference in San Francisco researchers from a Slovak antivirus company, ESET, presented details about a new Wi-Fi communications vulnerability.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2023
Categories |