Yet another chip flaw in Wi-Fi security

Started by Geek-9pm, February 27, 2020, 03:38:19 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Geek-9pm

Again? Wasn't that fixed two years ago? Or ,maybe last year?

Here we are in 2020 and now another chip flaw has been found in widely used wireless chips.
Two sources:
https://www.dailymail.co.uk/sciencetech/article-8048431/A-flaw-chips-powering-Wi-Fi-routers-left-ONE-BILLION-devices-open-hacked.html

https://arstechnica.com/information-technology/2020/02/flaw-in-billions-of-wi-fi-devices-left-communications-open-to-eavesdroppng/

Another says:
The flaw, discovered by the cybersecurity firm ESET, effectively disarms the encryption used by a password-protected Wi-Fi network. This could let hackers watch the activity on the network as if it were wide open. But while this could mean victims are vulnerable to eavesdropping, software updates and other layers of security will likely prevent this attack from having catastrophic results.
https://www.technologyreview.com/f/615285/a-billion-wi-fi-devices-suffer-from-a-newly-discovered-security-flaw/

Will they really fix it?  :o

BC_Programmer

Much better description:

QuoteAn issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic

CVE-2019-15126

Cisco article

Many devices already have patches.
I was trying to dereference Null Pointers before it was cool.

Engineer.AI

Isn't this basically saying that the "discrete" hackers would have access to your devices?
~Engineer.AI