SSA-712518 V1.1 (Last Update: 2020-12-08): Information Disclosure Vulnerability (Kr00k) in Industrial Wi-Fi Products

Published

2020-12-08 00:00:00 UTC

Summary

An information disclosure vulnerability (CVE-2019-15126, also known as Kr00k) could allow an attacker to read a discrete set of traffic over the air after a Wi-Fi device state change.

Siemens is preparing updates and recommends specific countermeasures for products where updates are not, or not yet available.

Source

https://cert-portal.siemens.com/productcert/pdf/ssa-712518.pdf