Cisco and the Kr00k Wi-Fi vulnerability

[German]The CVE-2020-3172 vulnerability in Broadcom Wi-Fi chips also affects several Cisco products (switches, etc.). The company released a security advisory this week, but has not yet released firmware updates to close the vulnerability.

Regarding the vulnerability CVE-2020-3172 in Broadcom Wi-Fi chips, which became public on February 26, 2020, I already had a blog post Kr00k: Wi-Fi vulnerability puts millions of devices at risk, where I've mentioned that Cisco is also working on patches. On Twitter the topic was already pointed out yesterday – the following tweet, for example, deals with the topic.

Vigil@nce #Vulnerability of Cisco NX-OS: code execution via Cisco Discovery Protocol. https://t.co/TU7ks6Lv80 Identifiers: #CVE-2020-3172. #patch pic.twitter.com/ZzAMJYakmR

— vigilance_en (@vigilance_en) February 27, 2020

On CVE-site says for CVE-2020-3172  states that a vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated remote attacker to execute arbitrary code as root or cause a Denial of Service (DoS) state on an affected device.

The vulnerability exists due to insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a prepackaged Cisco Discovery Protocol packet to an affected device adjacent to layer 2. A successful exploit could allow the attacker to cause a buffer overflow that could allow him to execute arbitrary code as root or cause a DoS condition on the affected device.

Notes: The Cisco Discovery Protocol is a layer-2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (layer 2 adjacent).

This vulnerability is different from the following Cisco FXOS and NX-OS software Cisco Discovery Protocol vulnerabilities that were announced by Cisco on February 5, 2020: Cisco FXOS, IOS XR and NX-OS Software Cisco Discovery Protocol Denial of Service vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution vulnerability.

Cisco has issued the previously mentioned security advisory Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability. Several WLAN Cisco products are affected by this vulnerability. A list of the affected Cisco devices can be found in the security advisory. What's silly: There are no firmware updates and no workarounds to fix this vulnerability. Cisco intends to release software updates that address this vulnerability. Bleeping Computer has published also this article with a summery.