ASUS silently releases fix for their Broadcom-based wireless router for a serious flaw discovered on Broadcom based Wi-Fi client devices. Translating the issue in layman’s term, kr00k is a vulnerability that allows an encrypted WPA2 Wi-Fi traffic between the wireless router and wireless client to be decrypted.
Initially identified by a security company back in the August 17, 2019, almost one billion devices affected. Adding the salt to the injury, a few wireless routers and wireless access points affected by kr00k, resulting in the client devices running the latest patch, vulnerable. The company further suggesting it is recommended to check if there is any new security patches issued for your device from time-to-time.
ASUS on the other hand, issues a silent fix for the Broadcom-based wireless router secretly, however, not many users are aware of this.
Below are the a few identified wireless router models of ASUS issued with CVE-2019-151126 fix.
|Wireless Protocol||Wireless Class||Model||Chipset||Download Site|
Currently, only four models above are currently issued with the fix.
It is still unsure, if more Broadcom-based ASUS router’s will receive the fix. If you’re using Asus-Merlin firmware for AC68U and AC86U, it is still unsure if the fix will patched in the upcoming 384.16 firmware.