ID de Prueba:	1.3.6.1.4.1.25623.1.0.104507
Categoría:	Huawei
Título:	Huawei Data Communication: Information Disclosure Vulnerability (huawei-sa-20200527-01-wifi-en, Kr00k)
Resumen:	Huawei Data Communication devices are prone to an information; disclosure vulnerability dubbed 'Kr00k'.
Descripción:	Summary: Huawei Data Communication devices are prone to an information disclosure vulnerability dubbed 'Kr00k'. Vulnerability Insight: An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device. Vulnerability Impact: The flaw lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic. Affected Software/OS: AP7030DE versions V200R005C20, V200R006C00, V200R006C10, V200R006C20, V200R007C10, V200R007C20, V200R008C00, V200R008C10, V200R010C00, V200R019C00 AP9330DN versions V200R005C20, V200R006C00, V200R006C10, V200R006C20, V200R007C10, V200R007C20, V200R008C00, V200R008C10, V200R010C00, V200R019C00 Solution: See the referenced vendor advisory for a solution. CVSS Score: 2.9 CVSS Vector: AV:A/AC:M/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-15126 Cisco Security Advisory: 20200227 Wi-Fi Protected Network and Wi-Fi Protected Network 2 Information Disclosure Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200226-wi-fi-info-disclosure http://packetstormsecurity.com/files/156809/Broadcom-Wi-Fi-KR00K-Proof-Of-Concept.html https://us-cert.cisa.gov/ics/advisories/icsa-20-224-05
Copyright	Copyright (C) 2023 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.