The vulnerability was described in detail today at the RSA Security Conference (via Ars Technica). For Apple users, the problem has been fixed in the updates for iOS 13.2 and macOS 10.15.1, which were already released in late October.
The WiFi chip flaw, called Kr00k, caused vulnerable devices to use an all-zero encryption key to encrypt part of a user's communication. If exploited successfully, the attack could let hackers decrypt some wireless network packets sent by a vulnerable device. As described by Ars Technica:
Kr00k exploits a vulnerability that occurs when wireless devices are disconnected from a wireless access point. If either the end user device or the access point is vulnerable, all unsent data frames are placed in a transmit buffer and then sent over the air. Instead of encrypting this data with the session key previously negotiated and used during normal connection, vulnerable devices use a key that consists of all zeros. This makes decryption trivial.
Broadcom and Cypress chips are used in many modern WiFi devices such as smartphones, laptops, Internet of Things products, WiFi access points and routers.
Our tests confirmed that prior to patching, some client devices from Amazon (Echo, Kindle), Apple (iPhone, iPad, MacBook), Google (Nexus), Samsung (Galaxy), Raspberry (Pi 3), Xiaomi (RedMi) as well as some access points from Asus and Huawei were vulnerable to KrØØk. This corresponds to a conservative estimate of over a billion Wi-Fi-enabled devices and access points. In addition, many other providers whose products we have not tested also use the affected chipsets in their devices.
According to ESET Research, which released details of the vulnerability, Broadcom and Cypress were notified along with potentially affected parties. At this point, patches for devices from most major manufacturers have been released.
ESET Research recommends ensuring that the latest updates have been applied to WiFi-enabled devices to address the vulnerability.
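
The disconnect behaviour described in the Ars Technica excerpt above can be modelled in a few lines to show why leftover buffered frames lose their protection. This is an added example, not vendor or ESET code: the `TxPath` class, the toy cipher standing in for the real Wi-Fi encryption, the sample key and frames, and the "drop the buffer before wiping the key" fix are all assumptions made for illustration.

```python
import hashlib
import hmac

ZERO_KEY = bytes(16)  # the all-zero key described in the article

def toy_cipher(key: bytes, seq: int, data: bytes) -> bytes:
    """Stand-in for the real cipher: XOR with an HMAC-SHA256 keystream.
    Symmetric, so one call both encrypts and decrypts. Illustration only."""
    stream, block = b"", 0
    while len(stream) < len(data):
        counter = seq.to_bytes(8, "big") + block.to_bytes(4, "big")
        stream += hmac.new(key, counter, hashlib.sha256).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))

class TxPath:
    """Hypothetical model of a chip's transmit path (not vendor code)."""
    def __init__(self, session_key: bytes, hardened: bool):
        self.key = session_key
        self.hardened = hardened
        self.pending = []  # plaintext frames waiting to be sent
        self.seq = 0

    def queue(self, payload: bytes) -> None:
        self.pending.append(payload)

    def flush(self) -> list:
        """Encrypt and 'transmit' everything pending with the current key."""
        sent = []
        for payload in self.pending:
            sent.append((self.seq, toy_cipher(self.key, self.seq, payload)))
            self.seq += 1
        self.pending.clear()
        return sent

    def disassociate(self) -> list:
        """Return the frames that go over the air after the disconnect."""
        if self.hardened:
            self.pending.clear()  # assumed fix: discard unsent data first
        self.key = ZERO_KEY       # session key is wiped on disconnect
        return self.flush()       # vulnerable path: leftovers use ZERO_KEY

def readable_without_session_key(frames) -> list:
    """What an observer who never knew the session key can recover."""
    return [toy_cipher(ZERO_KEY, seq, ct) for seq, ct in frames]

def demo(hardened: bool) -> list:
    tx = TxPath(session_key=bytes(range(1, 17)), hardened=hardened)  # constructed key
    tx.queue(b"frame sent while connected")
    tx.flush()                              # protected by the session key
    tx.queue(b"frame still in the buffer")  # constructed sample data
    return readable_without_session_key(tx.disassociate())
```

In the unpatched model only the frames still buffered at disconnect are exposed, which matches the article's point that the flaw affects part of a user's communication rather than the whole session.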