CVE-2019-15126

Published: Feb 5, 2020Modified: Nov 21, 2024

3.1

Vector

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 1.6 / Impact: 1.4

Source: NVD

Description

An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503.

Affected (9)

Products: Apple: Ipados, Iphone Os, Mac Os X · Broadcom: Bcm4389 Firmware, Bcm43012 Firmware, Bcm43013 Firmware, Bcm4375 Firmware, Bcm43752 Firmware, Bcm4356 Firmware

3 products

6 products

Bcm4389 Firmware

Bcm43012 Firmware

Bcm43013 Firmware

Bcm4375 Firmware

Bcm43752 Firmware

Bcm4356 Firmware

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	Before 13.2
Apple Iphone Os	Before 13.2
Apple Mac Os X	Before 10.15.1

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Broadcom Bcm4389 Firmware	All versions

Running on/with	Platform Versions
Broadcom Bcm4389	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Broadcom Bcm43012 Firmware	All versions

Running on/with	Platform Versions
Broadcom Bcm43012	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Broadcom Bcm43013 Firmware	All versions

Running on/with	Platform Versions
Broadcom Bcm43013	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Broadcom Bcm4375 Firmware	All versions

Running on/with	Platform Versions
Broadcom Bcm4375	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Broadcom Bcm43752 Firmware	All versions

Running on/with	Platform Versions
Broadcom Bcm43752	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Broadcom Bcm4356 Firmware	All versions

Running on/with	Platform Versions
Broadcom Bcm4356	All versions

Related CWEs

Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.

References (26)

http://packetstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.html

Source: cve@mitre.org

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-003.txt

Source: cve@mitre.org

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-wifi-en

Source: cve@mitre.org

http://www.huawei.com/en/psirt/security-notices/huawei-sn-20200228-01-kr00k-en

Source: cve@mitre.org

https://cert-portal.siemens.com/productcert/pdf/ssa-712518.pdf

Source: cve@mitre.org

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0001

Source: cve@mitre.org

https://support.apple.com/kb/HT210721

Source: cve@mitre.org

Third Party Advisory

https://support.apple.com/kb/HT210722

Source: cve@mitre.org

Third Party Advisory

https://support.apple.com/kb/HT210788

Source: cve@mitre.org

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure

Source: cve@mitre.org

https://us-cert.cisa.gov/ics/advisories/icsa-20-224-05

Source: cve@mitre.org

https://www.mist.com/documentation/mist-security-advisory-kr00k-attack-faq/

Source: cve@mitre.org

https://www.synology.com/security/advisory/Synology_SA_20_03

Source: cve@mitre.org

http://packetstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-003.txt

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-wifi-en

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.huawei.com/en/psirt/security-notices/huawei-sn-20200228-01-kr00k-en

Source: af854a3a-2127-422b-91ae-364da2661108

https://cert-portal.siemens.com/productcert/pdf/ssa-712518.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2020-0001

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT210721

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://support.apple.com/kb/HT210722

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://support.apple.com/kb/HT210788

Source: af854a3a-2127-422b-91ae-364da2661108

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure

Source: af854a3a-2127-422b-91ae-364da2661108

https://us-cert.cisa.gov/ics/advisories/icsa-20-224-05

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.mist.com/documentation/mist-security-advisory-kr00k-attack-faq/

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.synology.com/security/advisory/Synology_SA_20_03

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.