The recently discovered Terrapin flaw could potentially allow attackers to downgrade SSH protocol security
GUI Admin
2024-01-21
Product and Affected Versions
The vulnerability, named Terrapin (CVE-2023-48795, CVSS score: 5.9), impacts a wide range of SSH client and server implementations, including but not limited to OpenSSH, Paramiko, PuTTY, KiTTY, WinSCP, libssh, libssh2, AsyncSSH, FileZilla, and Dropbear.
Severity and CVE ID
The vulnerability is rated with a CVSS score of 5.9 and is tracked as CVE-2023-48795.
Vulnerability Description
Terrapin introduces the “first ever practically exploitable prefix truncation attack” in the Secure Shell (SSH) cryptographic network protocol. It allows an attacker positioned as an active adversary-in-the-middle (AitM) to compromise the integrity of the secure channel by manipulating sequence numbers during the handshake process. This manipulation permits the removal of specific initial messages without detection by the client or server.
The attack leverages SSH extension negotiation, specifically by truncating the extension negotiation message (RFC 8308) from the transcript. As a consequence, the attacker can downgrade the security of the SSH connection, which can lead to the use of less secure client authentication algorithms and can disable critical countermeasures against keystroke timing attacks, notably those in OpenSSH 9.5.
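For defenders auditing exposure, the following added example (not code from the original page or from any of the projects named above) parses one peer's SSH_MSG_KEXINIT payload and reports whether it offers the cipher modes listed as affected in the public Terrapin advisory and whether it advertises the OpenSSH "strict KEX" countermeasure. The algorithm identifiers and the helper names are assumptions not taken from this page, the sample payloads are constructed, and strict KEX only protects a connection when both peers advertise it.

```python
import struct

# Assumption (not on the page): identifiers from the public Terrapin advisory
# and the OpenSSH "strict KEX" countermeasure.
STRICT_KEX = {"kex-strict-c-v00@openssh.com", "kex-strict-s-v00@openssh.com"}
CHACHA = "chacha20-poly1305@openssh.com"
FIELDS = ("kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")

def name_list(*names):
    """Encode an SSH name-list: uint32 length + comma-separated names."""
    data = ",".join(names).encode()
    return struct.pack(">I", len(data)) + data

def parse_kexinit(payload):
    """Parse an SSH_MSG_KEXINIT payload (RFC 4253, section 7.1) into name-lists."""
    if len(payload) < 17 or payload[0] != 20:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, lists = 17, {}          # skip message type (1 byte) and cookie (16 bytes)
    for field in FIELDS:
        if pos + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (n,) = struct.unpack_from(">I", payload, pos)
        pos += 4
        if pos + n > len(payload):
            raise ValueError("truncated name-list")
        raw = payload[pos:pos + n].decode("ascii")
        lists[field] = raw.split(",") if raw else []
        pos += n
    return lists

def terrapin_exposure(payload):
    """Report affected cipher modes offered and whether strict KEX is advertised."""
    kl = parse_kexinit(payload)
    affected = set()
    for enc, mac in (("enc_c2s", "mac_c2s"), ("enc_s2c", "mac_s2c")):
        etm = any(m.endswith("-etm@openssh.com") for m in kl[mac])
        for c in kl[enc]:
            # ChaCha20-Poly1305 always; CBC only when paired with an EtM MAC
            if c == CHACHA or (c.endswith("-cbc") and etm):
                affected.add(c)
    strict = bool(STRICT_KEX & set(kl["kex"]))
    return {"affected_modes": sorted(affected), "strict_kex": strict,
            "exposed": bool(affected) and not strict}

def build_kexinit(kex, enc, mac):   # constructed sample input, not a capture
    body = name_list(*kex) + name_list("ssh-ed25519") + name_list(*enc) * 2
    body += name_list(*mac) * 2 + name_list("none") * 2 + name_list() * 2
    return bytes([20]) + bytes(16) + body + b"\x00" + bytes(4)
```

The result describes what one peer offers, not what was negotiated, so run it against the KEXINIT of both the client and the server before treating a connection as protected.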