CVE-2019-15126

low
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503.

References

http://packetstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.html

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-003.txt

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-wifi-en

http://www.huawei.com/en/psirt/security-notices/huawei-sn-20200228-01-kr00k-en

https://cert-portal.siemens.com/productcert/pdf/ssa-712518.pdf

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0001

https://support.apple.com/kb/HT210721

https://support.apple.com/kb/HT210722

https://support.apple.com/kb/HT210788

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure

https://us-cert.cisa.gov/ics/advisories/icsa-20-224-05

https://www.mist.com/documentation/mist-security-advisory-kr00k-attack-faq/

https://www.synology.com/security/advisory/Synology_SA_20_03

Details

Source: MITRE

Published: 2020-02-05

Updated: 2020-08-11

Type: CWE-367

Risk Information

CVSS v2

Base Score: 2.9

Vector: AV:A/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 5.5

Severity: LOW

CVSS v3

Base Score: 3.1

Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Impact Score: 1.4

Exploitability Score: 1.6

Severity: LOW

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 2

AND

OR

cpe:2.3:o:broadcom:bcm4389_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:broadcom:bcm4389:-:*:*:*:*:*:*:*

Configuration 3

AND

OR

cpe:2.3:o:broadcom:bcm43012_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:broadcom:bcm43012:-:*:*:*:*:*:*:*

Configuration 4

AND

OR

cpe:2.3:o:broadcom:bcm43013_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:broadcom:bcm43013:-:*:*:*:*:*:*:*

Configuration 5

AND

OR

cpe:2.3:o:broadcom:bcm4375_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:broadcom:bcm4375:-:*:*:*:*:*:*:*

Configuration 6

AND

OR

cpe:2.3:o:broadcom:bcm43752_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:broadcom:bcm43752:-:*:*:*:*:*:*:*

Configuration 7

AND

OR

cpe:2.3:o:broadcom:bcm4356_firmware:-:*:*:*:*:*:*:*

OR

cpe:2.3:h:broadcom:bcm4356:-:*:*:*:*:*:*:*

Tenable Plugins

View all (2 total)

IDNameProductFamilySeverity
130967macOS 10.15.x < 10.15.1 / 10.14.x < 10.14.6 Security Update 2019-001 / 10.13.x < 10.13.6 Security Update 2019-006NessusMacOS X Local Security Checks
critical
130461Apple iOS < 13.2 Multiple VulnerabilitiesNessusMobile Devices
high