Test Kennung:	1.3.6.1.4.1.25623.1.0.104507
Kategorie:	Huawei
Titel:	Huawei Data Communication: Information Disclosure Vulnerability (huawei-sa-20200527-01-wifi-en, Kr00k)
Zusammenfassung:	Huawei Data Communication devices are prone to an information; disclosure vulnerability dubbed 'Kr00k'.
Beschreibung:	Summary: Huawei Data Communication devices are prone to an information disclosure vulnerability dubbed 'Kr00k'. Vulnerability Insight: An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device. Vulnerability Impact: The flaw lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic. Affected Software/OS: AP7030DE versions V200R005C20, V200R006C00, V200R006C10, V200R006C20, V200R007C10, V200R007C20, V200R008C00, V200R008C10, V200R010C00, V200R019C00 AP9330DN versions V200R005C20, V200R006C00, V200R006C10, V200R006C20, V200R007C10, V200R007C20, V200R008C00, V200R008C10, V200R010C00, V200R019C00 Solution: See the referenced vendor advisory for a solution. CVSS Score: 2.9 CVSS Vector: AV:A/AC:M/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-15126 Cisco Security Advisory: 20200227 Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure http://packetstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.html https://us-cert.cisa.gov/ics/advisories/icsa-20-224-05
Copyright	Copyright (C) 2023 Greenbone Networks GmbH

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.