Security researchers at ESET have reported a vulnerability called Kr00k (CVE-2019- 15126) which affects encrypted WiFi traffic for devices using Broadcom or Cypress chipsets. The vulnerability may allow an attacker to decrypt some WPA2- Personal/Enterprise traffic by forcing an AP/client to start utilizing an all-zero encryption key (similar to KRACK vulnerability).
An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted traffic can cause internal errors (related to state transitions) in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic, a different vulnerability than CVE-2019-9500, CVE-2019-9501, CVE-2019-9502, and CVE-2019-9503.
Pepperl+Fuchs analyzed its ECOM branded mobile device portfolio in respect of the 'Kr00k' vulnerabilities. To our current knowledge only Tab-Ex 02 is potentially affected by these vulnerabilities. Devices with security patch level <= 01.03.2020 are affected.
Pepperl+Fuchs is continuously and rigorously working closely with our partner to patch all affected Devices.
Update for Tab-Ex 02 is planned for 05/2020
ECOM mobile devices are normally used in the corporate network. This implies that outgoing connections and local software installations have to be configured by administrators. It should be ensured that the data connections are additionally encrypted, e.g. HTTPS or SSH.
Security researchers at ESET.