Now-Fixed WiFi Vulnerability Left Apple Devices Open to Attack

by

A vulnerability in WiFi chips made by Cypress Semiconductor and Broadcom left billions of devices susceptible to an attack that allowed nearby attackers to decrypt sensitive data sent over the air.

ipad iphone duo ios 12
The security flaw was detailed at the RSA security conference today (via Ars Technica), and for Apple users, the issue was addressed in the iOS 13.2 and macOS 10.15.1 updates that were released back in late October.

Dubbed Kr00k, the WiFi chip flaw caused vulnerable devices to use an all-zero encryption key to encrypt part of a user's communications. When applied successfully, the attack let hackers decrypt some wireless network packets sent by a vulnerable device. As described by Ars Technica:

Kr00k exploits a weakness that occurs when wireless devices disassociate from a wireless access point. If either the end-user device or the access point is vulnerable, it will put any unsent data frames into a transmit buffer and then send them over the air. Rather than encrypt this data with the session key negotiated earlier and used during the normal connection, vulnerable devices use a key consisting of all zeros, a move that makes decryption trivial.

Chips from Broadcom and Cypress are used in many modern WiFi devices like smartphones, laptops, Internet of Things products, WiFi access points, and routers.

Our tests confirmed that prior to patching, some client devices by Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3), Xiaomi (RedMi), as well as some access points by Asus and Huawei, were vulnerable to KrØØk. This totaled to over a billion Wi-Fi-capable devices and access points, at a conservative estimate. Further, many other vendors whose products we did not test also use the affected chipsets in their devices.

According to ESET Research, which published details on the vulnerability, it was disclosed to Broadcom and Cypress along with potentially affected parties. At this time, patches for devices from most major manufacturers have been released.

ESET Research recommends making sure all of the latest updates have been applied to WiFi capable devices to patch the vulnerability.

Top Rated Comments

Cosmosent Avatar
Cosmosent
47 months ago
Anybody know if it's fixed in Mojave 10.14.6 ?
Score: 5 Votes (Like | Disagree)
now i see it Avatar
now i see it
47 months ago
but we were assured that iOS devices were secure...
Score: 5 Votes (Like | Disagree)
cmaier Avatar
cmaier
47 months ago

They are as secure as anything else. But Apple designs some of their chips, they don't make them. Contractors do. So the vulnerabilities can still be introduced into the supply chain through the same vector; chip providers... just like the vulnerabilities can be introduced by Apple themselves... or the chip makers suppliers... or...

Most of this stuff is scarier in theory than in practice.
It would be very unlikely for a vulnerability that does not exist in the design to exist in the manufactured silicon. When we design chips, and have them made, we test them extremely thoroughly to make sure they behave identically to the RTL and simulated netlist.

And since the manufacturer does not have a simulate-able netlist, it would be very difficult to introduce intentional flaws while still maintaining full functionality so as to fool this testing.
Score: 4 Votes (Like | Disagree)
1345873 Avatar
1345873
47 months ago

Anybody know if it's fixed in Mojave 10.14.6 ?
it's not there, no problem with Mojave and WiFi..

why the angry faces? Apple hasn’t confirmed it, so there’s no problem..
Score: 4 Votes (Like | Disagree)
allpar Avatar
allpar
47 months ago

this is why you keep your devices updated because of security risks - most people forget that
Yeah, well, if they make new versions compatible with old software, I can do that, but I'm not spending ten grand to move to Catalina.
Score: 3 Votes (Like | Disagree)
iapplelove Avatar
iapplelove
47 months ago

No we were assured that “what happens on the iPhone stays in the iPhone” and “it just works”.
I never understood the “ what happens on my iPhone stays on my iPhone” campaign.
Doesnt make much sense to me when I rely on iCloud so much.
Score: 3 Votes (Like | Disagree)
Read All Comments

Popular Stories

iOS 17

Apple Releases iOS 17.0.2 and iPadOS 17.0.2 for All iPhones and iPads

Tuesday September 26, 2023 12:47 pm PDT by
Apple today released iOS 17.0.2 and iPadOS 17.0.2 updates, with the software coming five days after the releases of iOS 17.0.1 and iPadOS 17.0.1. Today's iOS 17.0.2 and iPadOS 17.0.2 updates arrive as build 21A351 and can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. Note that iOS 17.0.2 was previously made available for iPhone...
Read Full Article102 comments
Apple WWDC23 macOS Sonoma hero

macOS Sonoma Launching This Week With These New Features

Sunday September 24, 2023 12:45 pm PDT by
Apple previously announced that macOS Sonoma will be released this Tuesday, September 26. The free software update includes many new features and changes for the Mac, including the five that we have highlighted below. In addition to these five features, we have shared the full release notes for macOS Sonoma below for a complete overview of everything new. Desktop Widgets macOS Sonoma...
Read Full Article284 comments
iPhone 15 Pro Lineup Feature

Kuo: iPhone 15 Pro Overheating Issues Likely Due to Thermal Compromises, Not 3nm Node

Tuesday September 26, 2023 9:12 am PDT by
Complaints about heat issues with the iPhone 15 Pro models are not related to TSMC's 3-nanometer node that was used for the A17 Pro chip, according to well-respected Apple analyst Ming-Chi Kuo. Kuo says that overheating could be caused by "compromises made in the thermal system design" that allowed Apple to cut down on the weight of the iPhone 15 Pro models. Kuo says that the reduced heat...
Read Full Article459 comments
iPhone 16 Side Feature

iPhone 16 to Include an Additional Capacitive 'Capture' Button

Monday September 25, 2023 12:50 pm PDT by
The iPhone 16 series is expected to gain an additional capacitive button, known internally as the "Capture Button." Codenamed "Project Nova," the button is likely to be one of the main selling points of the iPhone 16 lineup, assuming it gets past the initial testing phase. The Capture Button is located on the same side as the Power button, only positioned slightly lower - where the mmWave cutout...
Read Full Article202 comments
ipad mini blue

Apple to Launch iPad Mini 7 Later This Year, Industry Report Suggests

Monday September 25, 2023 3:16 am PDT by
Apple could be preparing to release a seventh-generation iPad mini before the end of the year, based on a new report by DigiTimes. In an article discussing stagnating global tablet demand in the second half of 2023, the Taiwan-based outlet forecasts an uptick in Apple's share of the market owing to orders for a "small-size" iPad in the fourth quarter. From the report (see bold): In the...
Read Full Article131 comments
macos sonoma 4

Apple Releases macOS Sonoma With New Widget Features, Safari Updates, Screen Sharing Improvements and More

Tuesday September 26, 2023 10:01 am PDT by
Apple today released macOS 14 Sonoma, the newest version of the operating system that runs on the Mac. macOS Sonoma has been in beta testing for several months, and it is compatible with the 2019 and later iMac, the iMac Pro, the 2018 and later Mac mini, the 2018 and later MacBook Pro, the 2019 and later Mac Pro, and the Mac Studio. The ‌macOS Sonoma update can be downloaded for free on...
Read Full Article277 comments