topic Re: Kr00k wireless vulnerability in Wireless

Kr00k wireless vulnerability

jgbright — Thu, 27 Feb 2020 19:01:15 GMT

Cisco has identified 14 wireless devices so far that are vulnerable to the new Kr00k vulnerability (CVE-2019-15126)

https://www.bleepingcomputer.com/news/security/cisco-working-on-patches-for-new-kr00k-wifi-vulnerability/

No mention of any Meraki wireless equipment yet.

Has anybody heard differently yet?

Re: Kr00k wireless vulnerability

daviscot — Thu, 27 Feb 2020 19:07:57 GMT

I have not heard any reports of Meraki APs being affected but will double check. All of the recent and current APs do not use Broadcom or Cypress chipsets and are not vulnerable, but some of the older End-of-Sale APs had Broadcom, that's what I'll check on and get back to you.

Re: Kr00k wireless vulnerability

jgbright — Thu, 27 Feb 2020 19:09:03 GMT

And here's the link to the Cisco announcement:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure

Re: Kr00k wireless vulnerability

aneduzhk — Thu, 27 Feb 2020 19:15:48 GMT

This is being accessed by our Security Team. Updates to follow.

Re: Kr00k wireless vulnerability

Nolan H. — Thu, 27 Feb 2020 19:16:13 GMT

I was going to say, Meraki uses Qualcomm so they should not be affected

Re: Kr00k wireless vulnerability

aneduzhk — Mon, 02 Mar 2020 21:30:11 GMT

Meraki is aware of the CVE-2019-15126 vulnerability (also commonly known as Kr00k). At this time, Meraki is evaluating the impact and the affected products (if any). We will provide updates as we make progress to ensure the security of our products.

Re: Kr00k wireless vulnerability

aneduzhk — Fri, 06 Mar 2020 16:58:16 GMT

Update:

None of our orderable 802.11ac Wave 2 (MR20, MR33, MR30H, MR42, MR52, MR53, MR42E, MR53E, MR70, MR74, MR84) or 802.11ax (WiFi-6) Access Points (MR45, MR55, MR36, MR46, MR56) are susceptible to this vulnerability.

Older APs not listed above may be affected, and more updates on those SKUs will be provided soon.

Re: Kr00k wireless vulnerability

Nolan H. — Fri, 06 Mar 2020 17:05:28 GMT

Thank you for the update @aneduzhk

Re: Kr00k wireless vulnerability

JoshBarfield — Mon, 16 Mar 2020 15:11:51 GMT

Any further updates on other SKUs, @aneduzhk? Is there an official source for information on this issue?

Re: Kr00k wireless vulnerability

aneduzhk — Fri, 20 Mar 2020 21:50:04 GMT

Still in progress. We are in uncharted territory right now with the global coronavirus pandemic, so we should expect responses to/from other teams that are involved to be delayed. I hope you understand. Thanks.

Re: Kr00k wireless vulnerability

aneduzhk — Thu, 23 Apr 2020 23:21:06 GMT

Cisco Meraki Customer Advisories page has been updated with the relevant information.

Re: Kr00k wireless vulnerability

CMR — Tue, 28 Apr 2020 07:56:47 GMT

A quick summary:

WPA2 security can be bypassed on some devices.

For the MX64W and MX65W you need 15.28 to no longer be vulnerable.

For the MR26, MR32, MR34 and MR72 you need 26.8, which is due to be available in May.

Boy, am I glad we are in lockdown, we have ~30 affected devices and our corporate SSID currently uses WPA2!

Re: Kr00k wireless vulnerability

Prateek Maheshwari — Tue, 28 Apr 2020 21:06:13 GMT

Yes, you right,

I also didn't face any vulnerability in our environment. And didn't get any update from Meraki side.

Re: Kr00k wireless vulnerability

daviscot — Tue, 05 May 2020 20:27:04 GMT

@jgbright just wanted to come back and close the loop on this one regarding kr00k (CVE ID: CVE-2019-15126, CVSSv3 Base Score: 3.1) that hit back in late February. Meraki MR26, MR32, MR34 and MR72 and MX64W, MX65W use the impacted chips and are affected by this vulnerability.

More info here.

https://documentation.meraki.com/zGeneral_Administration/Privacy_and_Security/FullMAC_Wi-Fi_chipsets_vulnerability_(kr00k)

and

https://meraki.cisco.com/blog/cisco-meraki-customer-advisories/

Re: Kr00k wireless vulnerability

anythinghosted — Wed, 06 May 2020 08:11:55 GMT

Version 26.8 now available to upgrade.

Looks like it's also the initial stable firmware for some unreleased access points too ... unless I've missed a webinar.

Re: Kr00k wireless vulnerability

aneduzhk — Wed, 06 May 2020 16:11:57 GMT

This is correct. Initial stable firmware for MR46E/MR76/MR86 upcoming APs 😎

Re: Kr00k wireless vulnerability

aneduzhk — Wed, 06 May 2020 16:12:55 GMT

@jgbright this thread should be good to close, I believe?

Re: Kr00k wireless vulnerability

CarolineS-Meraki — Wed, 06 May 2020 16:34:25 GMT

@aneduzhk wrote:

@jgbright this thread should be good to close, I believe?

I'm going to go ahead and mark @daviscot's response as the solution for better visibility when people happen upon this thread. @jgbright do let us know if you need any further info though!