Cisco Bug: CSCvs87874 - Evaluation of rv215w for Kr00k attack - CVE-2019-15126
May 31, 2020
- Cisco Small Business RV Series Routers
Known Affected Releases
Symptom: On February 26th, 2020 security researchers disclosed a vulnerability in the implementation of the wireless egress packet processing of certain Wi-Fi chipsets manufactured by Broadcom and Cypress Semiconductor. This vulnerability could allow an unauthenticated, adjacent attacker to decrypt Wi-Fi frames without the knowledge of the Wireless Protected Access (WPA) or Wireless Protected Access 2 (WPA2) Pairwise Temporal Key (PTK) used to secure the Wi-Fi network. The vulnerability is known as Kr00k and is identified by the following Common Vulnerability and Exposures (CVE) ID: CVE-2019-15126 The product Cisco Small Business RV Series RV215W Wireless-N VPN Router embeds a wireless chipset affected by the vulnerability described above, Cisco has assessed the impact to the product and confirmed that is affected. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure Conditions: Please refer to the Security Advisory.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases