Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to break SSH channel integrity when certain widely used encryption modes are used.
This manipulation lets attackers remove or modify messages exchanged through the communication channel, which leads to downgrading the public key algorithms used for user authentication or disabling defenses against keystroke timing attacks in OpenSSH 9.5.
A Terrapin attack lowers the security of the established connection by truncating important negotiation messages without the client or server noticing it.
Researchers from the Ruhr University Bochum developed the Terrapin attack and also discovered exploitable implementation flaws in AsyncSSH. The weaknesses and flaws associated with the attack are now identified as CVE-2023-48795, CVE-2023-46445 and CVE-2023-46446.
One thing to note about Terrapin is that the attackers need to be in an adversary-in-the-middle position at the network layer to intercept and modify the handshake exchange, and the connection must be secured by either ChaCha20-Poly1305 or CBC with Encrypt-then-MAC. The data in the messages exchanged after the completion of the handshake determines the severity of the attack's repercussions.
Despite the specific requirements for Terrapin, the extensive adoption of the mentioned encryption modes makes the attack feasible in a real-world scenario.
Multiple vendors are gradually mitigating the security problem.
One solution is to implement a strict key exchange that makes packet injection during the handshake infeasible.
It will take a while for such an issue to be addressed universally and the researchers note that the strict key exchange countermeasure is only effective when implemented on both the client and the server.
The team has published a Terrapin vulnerability scanner on GitHub, which admins can use to determine if an SSH client or server is vulnerable to the attack.
Terrapin is not a simple software bug that can be fixed with an update to a single library or component.
Instead, clients and servers need to be updated to protect the connection against prefix truncation attacks.
The biggest mitigating factor for the attack is the MiTM requirement, which makes Terrapin a less severe threat.
For this reason, patching CVE-2023-48795 may not be a priority in many cases.
More details about the Terrapin attack are available in the technical whitepaper released by the German researchers.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 19 Dec 2023 17:05:09 +0000