A new vulnerability in the SSH cryptographic network protocol has been discovered (CVE-2023-48795) that could allow an attacker to downgrade the connection’s security by truncating the extension negotiation message. The vulnerability has been found in OpenSSH before 9.6 and other products and has a moderate security impact.
Terrapin is a MitM (man-in-the-middle) attack: the exploit only works when the attacker holds an active adversary-in-the-middle position on the connection between the admins and the network they remotely connect to.
A technical description of the attack is available in the following paper.
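For defenders auditing their own servers, the following Python code is an added example (not from the paper or the OpenSSH project). It parses a server's SSH_MSG_KEXINIT payload and reports whether the server offers the cipher modes Terrapin applies to without the strict key exchange marker introduced in OpenSSH 9.6. The affected modes (ChaCha20-Poly1305, CBC with Encrypt-then-MAC) and the marker name come from the public advisory rather than from this page; the function names and the sample payload are constructed for illustration.

```python
import struct

SSH_MSG_KEXINIT = 20  # RFC 4253 message number
STRICT_KEX_SERVER = "kex-strict-s-v00@openssh.com"  # offered by OpenSSH 9.6+ servers
FIELDS = ("kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c")

def build_kexinit(lists):
    """Build a KEXINIT payload from 10 name-lists (for constructed samples only)."""
    body = bytes([SSH_MSG_KEXINIT]) + bytes(16)  # message type + zeroed cookie
    for names in lists:
        data = ",".join(names).encode()
        body += struct.pack(">I", len(data)) + data
    return body + b"\x00" + struct.pack(">I", 0)  # first_kex_packet_follows, reserved

def parse_kexinit(payload):
    """Return the 10 RFC 4253 name-lists; reject short or malformed input."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    off, out = 17, {}
    for field in FIELDS:
        if off + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (n,) = struct.unpack_from(">I", payload, off)
        off += 4
        if off + n > len(payload):
            raise ValueError("truncated name-list")
        raw = payload[off:off + n].decode("ascii", "replace")
        out[field] = raw.split(",") if raw else []
        off += n
    return out

def terrapin_exposure(server_kexinit):
    """Classify a server KEXINIT with respect to CVE-2023-48795."""
    k = parse_kexinit(server_kexinit)
    enc = set(k["enc_c2s"]) | set(k["enc_s2c"])
    mac = set(k["mac_c2s"]) | set(k["mac_s2c"])
    chacha = "chacha20-poly1305@openssh.com" in enc
    cbc_etm = (any(c.endswith("-cbc") for c in enc)
               and any(m.endswith("-etm@openssh.com") for m in mac))
    affected = chacha or cbc_etm
    strict = STRICT_KEX_SERVER in k["kex"]
    # Strict KEX only takes effect when the client supports it as well.
    return {"affected_modes": affected, "strict_kex": strict, "exposed": affected and not strict}

if __name__ == "__main__":
    sample = build_kexinit([["curve25519-sha256"], ["ssh-ed25519"],  # constructed sample
        ["chacha20-poly1305@openssh.com"]] + [["chacha20-poly1305@openssh.com"]] + [["hmac-sha2-256"]] * 2 + [["none"]] * 2 + [[], []])
    print(terrapin_exposure(sample))
```

A server reported as not exposed is still only protected against clients that also implement strict key exchange, so client versions need the same audit.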