During the RSA conference of February 26th 2020, researchers Štefan Svorencík and Robert Lipovsky disclosed a vulnerability in the implementation of the wireless egress packet processing of certain Broadcom Wi-Fi chipsets. This vulnerability is referenced as CVE-2019-15126 and could allow an unauthenticated, adjacent attacker to decrypt Wi-Fi frames without the knowledge of the wireless security key. Fortinet Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of this vulnerability. Only products listed in the Affected Products section of this advisory are potentially impacted by this vulnerability.

CPENameOperatorVersion
fortiap-ueq6.0.2
fortiap-ueq6.0.1
fortiap-ueq6.0.0
fortiap-ueq5.4.6
meru apeq8.5.1
meru apeq8.4.6

Name	Operator	Version
fortiap-u	eq	6.0.2
fortiap-u	eq	6.0.1
fortiap-u	eq	6.0.0
fortiap-u	eq	5.4.6
meru ap	eq	8.5.1
meru ap	eq	8.4.6

openvas 16

ics 1

nessus 17

mageia 2

suse 2

hp 1

githubexploit 4

thn 1

trendmicroblog 1

schneier 1

huawei 1

packetstorm 1

threatpost 1

exploitpack 1

cisco 1

kitploit 1

mscve 1

kaspersky 1

zdt 1

exploitdb 1

cve 1

cvelist 1

redhatcve 1

nvd 1

attackerkb 1

prion 1

avleonov 1

apple 6

rapid7blog 1

openvas

Huawei Data Communication: Information Disclosure Vulnerability (huawei-sa-20200527-01-wifi-en, Kr00k)

2023-02-01 00:00:00

SUSE: Security Advisory (SUSE-SU-2021:4201-1)

2022-01-01 00:00:00

Mageia: Security Advisory (MGASA-2021-0104)

2022-01-28 00:00:00

ics

Siemens SIMATIC, SIMOTICS (Update A)

2020-12-08 12:00:00

nessus

RHEL 7 : linux-firmware (Unpatched Vulnerability)

2024-05-11 00:00:00

RHEL 8 : linux-firmware (Unpatched Vulnerability)

2024-05-11 00:00:00

RHEL 8 : linux-firmware (Unpatched Vulnerability)

2024-06-03 00:00:00

mageia

Updated nonfree firmware packages fix security vulnerability

2021-03-04 15:26:19

Updated nonfree firmware packages fix security vulnerability

2021-03-04 15:26:19

suse

Security update for kernel-firmware (low)

2021-12-31 00:00:00

Security update for the Linux Kernel (critical)

2022-02-10 00:00:00

HPSBPI03687 rev. 3 - Certain HP LaserJet Printer and MFP Products and JetDirect Print Server Products - Information Disclosure

2020-09-15 00:00:00

githubexploit

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apple Ipados

2020-03-18 16:25:28

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apple Ipados

2020-03-13 14:53:54

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Broadcom Bcm4389 Firmware

2020-04-05 17:46:41

thn

New Wi-Fi Encryption Vulnerability Affects Over A Billion Devices

2020-02-26 18:15:00

trendmicroblog

This Week in Security News: Trend Micro Detects a 10 Percent Rise in Ransomware in 2019 and New Wi-Fi Encryption Vulnerability Affects Over a Billion Devices

2020-02-28 13:56:27

schneier

Wi-Fi Chip Vulnerability

2020-03-03 12:43:15

huawei

Security Advisory - Kr00k Vulnerability in Broadcom Wi-Fi chips

2020-05-27 00:00:00

packetstorm

Broadcom Wi-Fi KR00K Proof Of Concept

2020-03-19 00:00:00

threatpost

Billions of Devices Open to Wi-Fi Eavesdropping Attacks

2020-02-27 04:07:18

exploitpack

Broadcom Wi-Fi Devices - KR00K Information Disclosure

2020-03-18 00:00:00

cisco

Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability

2020-02-27 00:00:00

kitploit

R00Kie-Kr00Kie - PoC Exploit For The CVE-2019-15126 Kr00K Vulnerability

2020-03-30 20:30:00

mscve

MITRE: CVE-2019-15126 Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device

2023-02-14 08:00:00

kaspersky

KLA20228 OSI vulnerability in Microsoft Device

2023-02-14 00:00:00

zdt

Broadcom Wi-Fi Devices - (KR00K) Information Disclosure Exploit

2020-03-19 00:00:00

exploitdb

Broadcom Wi-Fi Devices - 'KR00K Information Disclosure

2020-03-18 00:00:00

cve

CVE-2019-15126

2020-02-05 17:15:10

cvelist

CVE-2019-15126

2020-02-05 16:17:37

redhatcve

CVE-2019-15126

2020-03-06 16:40:50

nvd

CVE-2019-15126

2020-02-05 17:15:10

attackerkb

CVE-2019-15126 aka Kr00k

2020-02-05 00:00:00

prion

Information disclosure

2020-02-05 17:15:00

avleonov

Microsoft Patch Tuesday February 2023: Win Graphics RCE, Edge RCE, Publisher SFB, CLFS EoP, Exchange RCEs, Word RCE, HoloLens1

2023-02-26 16:37:52

apple

About the security content of iOS 13.2 and iPadOS 13.2

2019-10-28 00:00:00

About the security content of iOS 13.2 and iPadOS 13.2 - Apple Support

2020-04-05 02:40:44

About the security content of macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra - Apple Support

2020-11-12 07:38:35

rapid7blog

Patch Tuesday - February 2023

2023-02-15 00:41:59

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.007 Low

EPSS

Percentile

80.0%

JSON

Related for FG-IR-20-035