An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503.

Metrics

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:A/AC:M/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Apple
  • Ipados
  • Iphone Os
  • Mac Os X
Broadcom
  • Bcm43012
  • Bcm43012 Firmware
  • Bcm43013
  • Bcm43013 Firmware
  • Bcm4356
  • Bcm4356 Firmware
  • Bcm4375
  • Bcm43752
  • Bcm43752 Firmware
  • Bcm4375 Firmware
  • Bcm4389
  • Bcm4389 Firmware

Configuration 1 [-]

OR cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:h:broadcom:bcm4389:-:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:bcm4389_firmware:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:h:broadcom:bcm43012:-:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:bcm43012_firmware:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:h:broadcom:bcm43013:-:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:bcm43013_firmware:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:h:broadcom:bcm4375:-:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:bcm4375_firmware:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:h:broadcom:bcm43752:-:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:bcm43752_firmware:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:h:broadcom:bcm4356:-:*:*:*:*:*:*:*
cpe:2.3:o:broadcom:bcm4356_firmware:-:*:*:*:*:*:*:*

No data.

References
Link Providers
http://packetstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.html cve-icon cve-icon
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-003.txt cve-icon cve-icon
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-wifi-en cve-icon cve-icon
http://www.huawei.com/en/psirt/security-notices/huawei-sn-20200228-01-kr00k-en cve-icon cve-icon
https://cert-portal.siemens.com/productcert/pdf/ssa-712518.pdf cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2019-15126 cve-icon
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0001 cve-icon cve-icon
https://support.apple.com/kb/HT210721 cve-icon cve-icon
https://support.apple.com/kb/HT210722 cve-icon cve-icon
https://support.apple.com/kb/HT210788 cve-icon cve-icon
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure cve-icon cve-icon
https://us-cert.cisa.gov/ics/advisories/icsa-20-224-05 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2019-15126 cve-icon
https://www.mist.com/documentation/mist-security-advisory-kr00k-attack-faq/ cve-icon cve-icon
https://www.synology.com/security/advisory/Synology_SA_20_03 cve-icon cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-02-05T16:17:37

Updated: 2024-08-05T00:34:53.246Z

Reserved: 2019-08-17T00:00:00

Link: CVE-2019-15126

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-02-05T17:15:10.443

Modified: 2020-08-11T19:15:17.033

Link: CVE-2019-15126

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-02-05T00:00:00Z

Links: CVE-2019-15126 - Bugzilla