Test ID:	1.3.6.1.4.1.25623.1.0.108808
Category:	General
Title:	AVM FRITZ!Box 7581 and 7582 < 7.13 Information Disclosure Vulnerability (Kr00k)
Summary:	AVM FRITZ!Box 7581 and 7582 devices are prone to an information; disclosure vulnerability dubbed 'Kr00k'.
Description:	Summary: AVM FRITZ!Box 7581 and 7582 devices are prone to an information disclosure vulnerability dubbed 'Kr00k'. Vulnerability Insight: An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device. Vulnerability Impact: The flaw lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic. Affected Software/OS: AVM FRITZ!Box 7581 and 7582 devices running AVM FRITZ!OS before version 7.13. Solution: Update to AVM FRITZ!OS 7.13 or later. CVSS Score: 2.9 CVSS Vector: AV:A/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-15126 Cisco Security Advisory: 20200227 Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure http://packetstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.html https://us-cert.cisa.gov/ics/advisories/icsa-20-224-05
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.