Bo Tong and Cypress Wi-Fi chip deposited, allowing billion equipment to be eavesdropped

According to foreign media reports, there is a vulnerability by Wi-Fi chip manufactured by Cypress Semiconductors and Boyong, allowing millions of equipment around the world to be very susceptible to hackers, allowing attackers to decrypt sensitive data in the air transmission. Discovering the vulnerability is the researchers of the security vendor Eset, and they announced their discovery at the Recent RSA Security Conference. The vulnerability mainly affects the Fullmac WLAN chip of Cypress and Bo Tong. Safety Manufacturer Eset researchers say these chips are used in billions of equipment, including iPhone, iPad, and Mac. According to the researchers, the vulnerability will allow the nearby attackers to "decrypt sensitive data through the air". Researchers from ESET explain: "ESET researchers found a vulnerability that used to be known in the Wi-Fi chip, and named KR00K. This serious vulnerability will cause vulnerable devices to encrypt users' part of communication. Information. In the attack, the hacker can decrypt some wireless network packets transmitted by the vulnerable equipment. " The affected apple equipment includes: iPad mini 2, iPhone 6, 6S, 8 and XR, MacBook Air 2018. Apple said that these vulnerabilities have been fixed in MacOS and iOS and iPados last year. In addition, the chip is also used in Amazon's Echo and Kindle, Google's Pixel, Samsung's Galaxy Series, Raspberry Pieces, Xiaomi, ASUS, Huawei and other brand products. ARS TECHNICA said: KR00K uses a vulnerability that the wireless device is disconnected from the wireless access point. If the end user device or AP hotspot is attacked, it will put all unsearned data frames into the send buffer and then send them wirelessly. Easy to attack the device is not encrypted using the session key used in the previous negotiation and used during normal connection, but uses a key consisting of all zero, which makes the decryption become unlikely. A good thing is that KR00K errors only affect WiFi connections that use WPA2-personal or WPA2-Enterprise security protocols and AES-CCMP encrypted. This means that if you use the Broadcom or Cypress WiFi chipset device, you can prevent hackers from attacking using the latest WiFi authentication protocol WPA3. The ESET Research, which is published on the vulnerability, said that the vulnerability has publicly brought Broadcom and Cypress with the potential affected parties. Currently, most of the main manufacturers' equipment patches have been released.

Our other product:

Professional lightning protection system for Tower	Professional FM Radio Station Equipment Package	FMUSER FU-1000C 1000W FM Transmitter With USB Audio Input Interface
FMUSER 200W FM Radio Broadcasting Package	Hotel IPTV Solution	FMUSER FSN-1000T V5.0 1KW FM Radio Broadcast Transmitter