TT-CSIRT – 423 02.01.24: Terrapin CVE-2023-48795 vulnerability in Secure Shell (SSH) cryptographic network protocol
Terrapin (CVE-2023-48795, CVSS score: 5.9) allows remote attackers to bypass integrity checks such that some packets are omitted causing security features to be downgraded or disabled within a client and server connection (a Terrapin Attack). This allows attackers to exploit the SSH protocol, potentially gaining unauthorized access to sensitive information or compromising network security.
The exploit affects many SSH client and server implementations, such as OpenSSH, Paramiko, PuTTY, KiTTY, WinSCP, libssh, libssh2, AsyncSSH, FileZilla, and Dropbear.
This vulnerability carefully adjusts the sequence numbers during the handshake, allowing attackers to remove an arbitrary amount of messages sent by the client or server at the beginning of the secure channel without the client or server detecting it. According to experts, the attack can be performed in practice, allowing an attacker to downgrade the connection’s security by truncating the extension negotiation message (RFC8308) from the transcript. This process leads to using less secure client authentication algorithms and deactivating specific countermeasures against keystroke timing attacks in OpenSSH 9.5.
Furthermore the attacker exploits this vulnerability to intercept sensitive data and/or gain control over critical systems using administrator privileged access. This risk specifically targets organizations with large, interconnected networks that provide access to privileged data.
It is important for companies to ensure appropriate measures are taken to patch servers and ensure that a vulnerable client connecting to a patched server does not result in a vulnerable connection.
Identifying vulnerable occurrences in a timely manner on both client and server side and apply mitigations and best practices throughout the entire infrastructure will reduce the impact.
If your SSH implementations supports (and is configured to offer) the email@example.com encryption algorithm, or any encryption algorithm suffixed -cbc in combination with any MAC algorithm suffixed -firstname.lastname@example.org, you are vulnerable to Terrapin. Here are a few other CVE numbers that are related to the vulnerability:
- CVE-2023-48795: General Protocol Flaw
- CVE-2023-46445: Rogue Extension Negotiation Attack in AsyncSSH
- CVE-2023-46446: Rogue Session Attack in AsyncSSH
If you have any queries, comments or require assistance, please feel free to contact the TT-CSIRT via email@example.com
- Monitor network and logs
- Apply patches to servers as often as possible.
- Utilize vulnerability scans to determine levels of vulnerabilities on servers or clients.
- Timely detection of unsecured and vulnerable connections.
- https://terrapin-attack.com/patches.html includes a list of patches applicable.