1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Kr00k protection for ASUS routers?

Discussion in 'Asuswrt-Merlin' started by XIII, Feb 26, 2020.

  1. XIII

    XIII Very Senior Member

    Joined:
    Feb 27, 2014
    Messages:
    1,081
  2. mteicher

    mteicher Regular Contributor

    Joined:
    Aug 30, 2014
    Messages:
    91
    https://nvd.nist.gov/vuln/detail/CVE-2019-15126


    https://apnews.com/Business Wire/077a62cfbba640ba8e7445efd3299778
    Kr00k affects all devices with Broadcom and Cypress Wi-Fi chips that remain unpatched. These are the most common Wi-Fi chips used in today’s client devices. Wi-Fi access points and routers are also affected by the vulnerability, making even environments with patched client devices vulnerable. ESET tested and confirmed that among the vulnerable devices were client devices by Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3) and Xiaomi (Redmi), as well as access points by Asus and Huawei.

    ESET responsibly disclosed the vulnerability to the chip manufacturers Broadcom and Cypress, who subsequently released patches.

    https://www.bleepingcomputer.com/ne...dcom-cypress-wifi-chips-leaks-sensitive-info/

    This one lists some devices.
     
    Last edited: Feb 26, 2020
  3. Makaveli

    Makaveli Very Senior Member

    Joined:
    Nov 4, 2016
    Messages:
    676
    Location:
    Canada
    only the Asus RT-N12 is listed there for Asus.
     
  4. Ronald Schwerer

    Ronald Schwerer Senior Member

    Joined:
    Jan 8, 2017
    Messages:
    446
    Thanks for jumpimg right in and clarifying that. Who knew?
     
  5. Makaveli

    Makaveli Very Senior Member

    Joined:
    Nov 4, 2016
    Messages:
    676
    Location:
    Canada
    lol I didn't notice that at the end of his post.

    As I wrote that reply while multitasking at work :)
     
    Last edited: Feb 26, 2020
    Ronald Schwerer likes this.
  6. rolandet

    rolandet New Around Here

    Joined:
    Feb 26, 2020
    Messages:
    2
    All the ASUS routers/access points use the Broadcom chipset so I can’t imagine that the other router/access points would not be affected. Perhaps that was the only model that they tested.
     
  7. TotalRouterNoob

    TotalRouterNoob New Around Here

    Joined:
    Jan 27, 2020
    Messages:
    7
    I'm wondering the same thing as the OP. Does anyone know if Asus and/or Merlin has patched it's routers for kr00k? My RT-AC68U must be vulnerable because it's Broadcom based.
     
    Doug Nix likes this.
  8. Chris_J

    Chris_J Regular Contributor

    Joined:
    Dec 10, 2019
    Messages:
    100
    Location:
    UK
    I would have thought this would be patched where necessary. I did try this attack on my own network, when I used to have a AC87U, and I vaguely remember it not working. That doesn't necessarily mean it is patched though. I'm sure the others will know better.
     
  9. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    32,452
    Location:
    Canada
    Broadcom makes tons of different chips. Some are clients, some are AP. That report provides very little information on which specific chips are affected (and the few they list are all older or client-only chip). I don't see for instance the BCM4366 used by the RT-AC88U.

    Only Broadcom and/or Eset would know anything more.
     
    gfondeur, L&LD and Makaveli like this.
  10. Makaveli

    Makaveli Very Senior Member

    Joined:
    Nov 4, 2016
    Messages:
    676
    Location:
    Canada
    You are right I was trying to find more info on this last night.

    This CVE posted above looks to have some of the chipsets listed but we still need more info.

    https://nvd.nist.gov/vuln/detail/CVE-2019-15126
     
    L&LD likes this.
  11. Pitchounet

    Pitchounet New Around Here

    Joined:
    Oct 16, 2019
    Messages:
    2
    Thanks for the infos. I was looking for this. Thank you.
     
  12. TotalRouterNoob

    TotalRouterNoob New Around Here

    Joined:
    Jan 27, 2020
    Messages:
    7
    I contacted Asus chat support and asked if the RT-AC68U was affected by this CVE and if there was a firmware update to fix it. He gave me a canned response to update to the latest firmware and I asked him if he knew for sure that the latest Asus firmware fixed it (on Asus' firmware download page it does not list this CVE as being fixed in the last few firmware updates for my router) and he admitted that he didn't know and that he didn't find any official response to this as yet. He emailed me a form to fill out to elevate my question to a software engineer. I have sent the form back and will post their response when I get one.
     
    Makaveli likes this.
  13. Frankflash

    Frankflash Regular Contributor

    Joined:
    Feb 2, 2019
    Messages:
    144
    Location:
    nz
    you can always email jack cheng asus asustraila rep
     
  14. TotalRouterNoob

    TotalRouterNoob New Around Here

    Joined:
    Jan 27, 2020
    Messages:
    7
    Sorry for my ignorance but where do I get his email address?

    Asus support is now asking for my router config file, etc. and I don't see why they'd need that. They should be able to figure out if their routers are vulnerable to a particular CVE or not. I've already told them which firmware I'm using at this time. I don't feel comfortable emailing my config file around the internet.
     
    L&LD likes this.
  15. Frankflash

    Frankflash Regular Contributor

    Joined:
    Feb 2, 2019
    Messages:
    144
    Location:
    nz

    try [email protected]
     
  16. Andy Krop

    Andy Krop New Around Here

    Joined:
    Feb 8, 2015
    Messages:
    9
  17. dylanmitchell

    dylanmitchell Occasional Visitor

    Joined:
    Sep 22, 2018
    Messages:
    32
    Is the Arris SB8200 effected? I bought an SB8200 to avoid the Intel Puma latency bug and ping of death bug. Now we have Kr00k effecting Broadcom chips. I'm on Cox and currently have SB8200 Hardware Version 6 and Software Version AB01.01.009.27_081619_183.0A.NSH. My router is running the latest RT-AC86U_384.15_0 firmware.

    ...while the source of the bug lies in the Wi-Fi chips, fortunately, it can be mitigated through software or firmware updates... Sounds similar to Intel's response about the Puma 5, 6, and 7 Series bugs. Broadcomm has a different bug but the fix is similar software or firmware vs replacing hardware. I bought an SB8200 with the Broadcom chipset to avoid the Intel Puma chipset issues I had with my TM3402 with a Puma 7 chip. Still have the Arris TM3402 but it's set up as a voice-only modem. SB8200 connects to my RT86-U and TM3402 is set up for voice only. I own the SB8200 and the cable company owns the TM3402 but doesn't charge rent on phone modems.
     
  18. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    10,981
    Location:
    UK
    I don't understand why you're asking the question. You already know that it's a WiFi bug and your cable modem isn't a WiFi device. :confused:
     
  19. DonnyJohnny

    DonnyJohnny Very Senior Member

    Joined:
    Dec 17, 2017
    Messages:
    757
    Twiglets likes this.
  20. Twiglets

    Twiglets Senior Member

    Joined:
    Aug 15, 2014
    Messages:
    202
    Beat me to it.
    If I understand correctly, Kr00k would not be a problem if 'Protected Management Frames' worked with *all* existing kit. !!!

    Tried enabling PMF 'Required' and all the phones dropped off the network.
     
    Quoc Huynh likes this.