{"id":13417,"date":"2020-02-28T19:16:52","date_gmt":"2020-02-28T18:16:52","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=13417"},"modified":"2024-10-05T20:53:45","modified_gmt":"2024-10-05T18:53:45","slug":"cisco-and-the-kr00k-wi-fi-vulnerability","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2020\/02\/28\/cisco-and-the-kr00k-wi-fi-vulnerability\/","title":{"rendered":"Cisco and the Kr00k Wi-Fi vulnerability"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" align=\"left\" height=\"47\">[<a href=\"https:\/\/www.borncity.com\/blog\/2020\/02\/28\/cisco-und-die-kr00k-wi-fi-schwachstelle\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]The CVE-2020-3172 vulnerability in Broadcom Wi-Fi chips also affects several Cisco products (switches, etc.). The company released a security advisory this week, but has not yet released firmware updates to close the vulnerability.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/vg08.met.vgwort.de\/na\/d7936a346a09487aa0806ff5f987fe9f\" width=\"1\" height=\"1\">Regarding the vulnerability CVE-2020-3172 in Broadcom Wi-Fi chips, which became public on February 26, 2020, I already had a blog post <a href=\"https:\/\/borncity.com\/win\/2020\/02\/27\/kr00k-wi-fi-vulnerability-puts-millions-of-devices-at-risk\/\">Kr00k: Wi-Fi vulnerability puts millions of devices at risk<\/a>, where I've mentioned that Cisco is also working on patches. On Twitter the topic was already pointed out yesterday &#8211; the following tweet, for example, deals with the topic.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Vigil@nce <a href=\"https:\/\/twitter.com\/hashtag\/Vulnerability?src=hash&amp;ref_src=twsrc%5Etfw\">#Vulnerability<\/a> of Cisco NX-OS: code execution via Cisco Discovery Protocol. <a href=\"https:\/\/t.co\/TU7ks6Lv80\">https:\/\/t.co\/TU7ks6Lv80<\/a> Identifiers: <a href=\"https:\/\/twitter.com\/hashtag\/CVE?src=hash&amp;ref_src=twsrc%5Etfw\">#CVE<\/a>-2020-3172. <a href=\"https:\/\/twitter.com\/hashtag\/patch?src=hash&amp;ref_src=twsrc%5Etfw\">#patch<\/a> <a href=\"https:\/\/t.co\/ZzAMJYakmR\">pic.twitter.com\/ZzAMJYakmR<\/a><\/p>\n<p>\u2014 vigilance_en (@vigilance_en) <a href=\"https:\/\/twitter.com\/vigilance_en\/status\/1232955798902407168?ref_src=twsrc%5Etfw\">February 27, 2020<\/a><\/p><\/blockquote>\n<p><span id=\"preserve319f5a405cc5410b8895aa6ce657fb1c\" class=\"wlWriterPreserve\"><SCRIPT charset=\"utf-8\" src=\"https:\/\/platform.twitter.com\/widgets.js\" async><\/SCRIPT><\/span> <\/p>\n<p>On CVE-site says for <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-3172\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-3172<\/a>&nbsp; states that a vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated remote attacker to execute arbitrary code as root or cause a Denial of Service (DoS) state on an affected device. <\/p>\n<p>The vulnerability exists due to insufficiently validated Cisco Discovery Protocol packet headers. An attacker could exploit this vulnerability by sending a prepackaged Cisco Discovery Protocol packet to an affected device adjacent to layer 2. A successful exploit could allow the attacker to cause a buffer overflow that could allow him to execute arbitrary code as root or cause a DoS condition on the affected device. <\/p>\n<blockquote>\n<p>Notes: The Cisco Discovery Protocol is a layer-2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (layer 2 adjacent). <\/p>\n<\/blockquote>\n<blockquote>\n<p>This vulnerability is different from the following Cisco FXOS and NX-OS software Cisco Discovery Protocol vulnerabilities that were announced by Cisco on February 5, 2020: Cisco FXOS, IOS XR and NX-OS Software Cisco Discovery Protocol Denial of Service vulnerability and Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution vulnerability.<\/p>\n<\/blockquote>\n<p>Cisco has issued the previously mentioned security advisory Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability. Several WLAN Cisco products are affected by this vulnerability. A list of the affected Cisco devices can be found in the security advisory. What's silly: There are no firmware updates and no workarounds to fix this vulnerability. Cisco intends to release software updates that address this vulnerability. Bleeping Computer has published also <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisco-working-on-patches-for-new-kr00k-wifi-vulnerability\/\" target=\"_blank\" rel=\"noopener noreferrer\">this article<\/a> with a summery. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]The CVE-2020-3172 vulnerability in Broadcom Wi-Fi chips also affects several Cisco products (switches, etc.). The company released a security advisory this week, but has not yet released firmware updates to close the vulnerability.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[448,580,1547],"tags":[1354,642,69],"class_list":["post-13417","post","type-post","status-publish","format-standard","hentry","category-devices","category-security","category-software","tag-cisco","tag-devices","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/13417","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=13417"}],"version-history":[{"count":1,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/13417\/revisions"}],"predecessor-version":[{"id":35772,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/13417\/revisions\/35772"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=13417"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=13417"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=13417"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}