Every software or hardware we use is created by humans, so it may contain bugs, sometimes serious. Chips from Broadcom and Cypress Semiconductor are affected by serious vulnerability. It allows to to decrypt data sent wirelessly. This vulnerability got little strange name “KrØØk”. It mostly affects FullMAC WLAN chips, which are present in many iPhones, iPads, Macs, Amazon Kindles, Amazon Echos, smartphones with Android and routers from Asus and Huawei. This vulnerability was found by Slovak company ESET.
Apple and Amazon said for Ars Technica that vulnerability was already fixed in recents updates. So if you did not update your Apple or Amazon devices, now is the time.
Rest of vendors did not answer, so there is chance that many devices are vulnerable.
ESET also said, that devices are vulnerable even if you have patched vulnerability on your devices when you connect to a Wi-Fi network, which is potentially riskful.
Before you buy a router, always check if it offers regular updates or at least, for advanced users, if you can install OpenWRT or another alternative router operating system. My AirPort Extreme from 2013 is still getting updates. Many Android smartphones do not get updates, including security ones, so be careful if that 100 euro smartphone with Android 7 is worth your money.
Source: Ars Technica