Security Architecture, Endpoint/Device Security, IoT, Network Security, Security Strategy, Plan, Budget, Vulnerability Management, Patch/Configuration Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Unpatched Amazon Echo and Kindle devices prone to KRACK attacks

Amazon.com Echo and Kindle devices were discovered last year to contain WPA/WPA2 protocol vulnerabilities that could potentially allow malicious actors to uncover keychains used to encrypt Wi-Fi traffic.

The vulnerabilities, CVE-2017-13077 and CVE-2017-13078, are prone to Key Reinstallation Attacks (aka KRACK attacks), and were disclosed back in 2017 by a pair of Belgian researchers. In essence, they allow actors to reinstall an already-in-use key and replay cryptographic handshake messages, ultimately helping them decipher the full keychain.

CVE-2017-13077 enables the reinstallation of the pairwise encryption key a four-way handshake, while CVE-2017-13078 allows reinstallation of the group key (GTK) in a handshake. Such attacks are only effective, however, if the attacker and victim devices are in range of the same Wi-Fi radio network.

In a company blog post released today, cybersecurity firm ESET revealed that in 2018, researchers from its Smart Home Research Team tested the first-generation Amazon Echo smart speaker and eighth-generation Kindle e-reader for the two KRACK vulnerabilities, and found them to be susceptible.

ESET reportedly informed Amazon of the vulnerabilities in October of 2018, and by early 2019 had Amazon subsequently released a corrective firmware update for both products, tens of millions of which have been sold. ESET encouraged owners of all Echos and Kindles to verify that they are using the most up-to-date version of the firmware, which is immune to exploitation of the two aforementioned KRACK vulnerabilities.

"Customer trust is important to us and we take the security of our devices seriously," said an Amazon spokesperson to SC Media. "Customers received automatic security updates addressing this issue for their devices."

ESET malware researcher Miloš Čermák, who authored the report, said in the blog post that the vulnerabilities are significant because they could enable attackers to execute denial of service attacks and disrupt network communications; decrypt transmitted data; create, dismiss and inject new packets; and intercept passwords and session cookies.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.