Now-Fixed WiFi Vulnerability Left Apple Devices Open to Attack - MacRumors
Skip to Content

Now-Fixed WiFi Vulnerability Left Apple Devices Open to Attack

A vulnerability in WiFi chips made by Cypress Semiconductor and Broadcom left billions of devices susceptible to an attack that allowed nearby attackers to decrypt sensitive data sent over the air.

ipad iphone duo ios 12
The security flaw was detailed at the RSA security conference today (via Ars Technica), and for Apple users, the issue was addressed in the iOS 13.2 and macOS 10.15.1 updates that were released back in late October.

Dubbed Kr00k, the WiFi chip flaw caused vulnerable devices to use an all-zero encryption key to encrypt part of a user's communications. When applied successfully, the attack let hackers decrypt some wireless network packets sent by a vulnerable device. As described by Ars Technica:

Kr00k exploits a weakness that occurs when wireless devices disassociate from a wireless access point. If either the end-user device or the access point is vulnerable, it will put any unsent data frames into a transmit buffer and then send them over the air. Rather than encrypt this data with the session key negotiated earlier and used during the normal connection, vulnerable devices use a key consisting of all zeros, a move that makes decryption trivial.

Chips from Broadcom and Cypress are used in many modern WiFi devices like smartphones, laptops, Internet of Things products, WiFi access points, and routers.

Our tests confirmed that prior to patching, some client devices by Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3), Xiaomi (RedMi), as well as some access points by Asus and Huawei, were vulnerable to KrØØk. This totaled to over a billion Wi-Fi-capable devices and access points, at a conservative estimate. Further, many other vendors whose products we did not test also use the affected chipsets in their devices.

According to ESET Research, which published details on the vulnerability, it was disclosed to Broadcom and Cypress along with potentially affected parties. At this time, patches for devices from most major manufacturers have been released.

ESET Research recommends making sure all of the latest updates have been applied to WiFi capable devices to patch the vulnerability.

Popular Stories

Waze logo

5 New Waze Features Rolling Out Now: Here Are All the Details

Monday July 13, 2026 3:42 am PDT by
Google today announced that Waze is getting a handful of new features, including some Gemini-powered personalization enhancements for Conversational Reporting. Conversational Reporting already uses Gemini when users report traffic incidents like slowdowns, but now you can use it to suggest map updates like road closures or outdated addresses. Saying something like "The road is closed here"...
apple back to school sans airpods 2

Apple's 2026 Back to School Offer is Coming Soon

Sunday July 12, 2026 7:29 am PDT by
Apple's stores will be rolling out Back to School marketing materials this week, according to Bloomberg's Mark Gurman. This suggests that the offer will begin in the U.S. in the next few days. Last year, college students and educational staff could receive a free accessory like AirPods 4 or an Apple Pencil Pro with the purchase of a qualifying Mac or iPad model. The Back to School offer is in...
Mac Pro Feature Teal

Apple's M7 Ultra Chip Designed to Match a 2019 Mac Pro Feat

Sunday July 12, 2026 8:53 am PDT by
Apple's M7 Ultra chip coming in 2028 is designed to support up to 1.5TB of unified memory, according to Bloomberg's Mark Gurman. However, whether such a configuration is offered may depend on the state of the ongoing memory chip shortage. In 2019, Apple released an Intel-based Mac Pro with up to 1.5TB RAM....

Top Rated Comments

83 months ago
but we were assured that iOS devices were secure...
Score: 5 Votes (Like | Disagree)
83 months ago
Anybody know if it's fixed in Mojave 10.14.6 ?
Score: 5 Votes (Like | Disagree)
cmaier Avatar
83 months ago

They are as secure as anything else. But Apple designs some of their chips, they don't make them. Contractors do. So the vulnerabilities can still be introduced into the supply chain through the same vector; chip providers... just like the vulnerabilities can be introduced by Apple themselves... or the chip makers suppliers... or...

Most of this stuff is scarier in theory than in practice.
It would be very unlikely for a vulnerability that does not exist in the design to exist in the manufactured silicon. When we design chips, and have them made, we test them extremely thoroughly to make sure they behave identically to the RTL and simulated netlist.

And since the manufacturer does not have a simulate-able netlist, it would be very difficult to introduce intentional flaws while still maintaining full functionality so as to fool this testing.
Score: 4 Votes (Like | Disagree)
83 months ago

Anybody know if it's fixed in Mojave 10.14.6 ?
it's not there, no problem with Mojave and WiFi..

why the angry faces? Apple hasn’t confirmed it, so there’s no problem..
Score: 4 Votes (Like | Disagree)
allpar Avatar
83 months ago

this is why you keep your devices updated because of security risks - most people forget that
Yeah, well, if they make new versions compatible with old software, I can do that, but I'm not spending ten grand to move to Catalina.
Score: 3 Votes (Like | Disagree)
cmaier Avatar
83 months ago

but we were assured that iOS devices were secure...
They are as secure as anything else. This problem was caused by the chip providers (who provide the same chips to everyone else).

This is why Apple needs to continue along the path of making as many of the chips it uses itself.
Score: 3 Votes (Like | Disagree)