Cisco High Severity Flaw Let Attackers Retrieve RSA Private Key Remotely

by Esmeralda McKenzie
Cisco High Severity Flaw Let Attackers Retrieve RSA Private Key Remotely

Cisco High Severity Flaw Let Attackers Retrieve RSA Private Key Remotely

Cisco High Severity Flaw

Cisco released tool updates that take care of the vulnerability affecting its Adaptive Safety Appliance Tool (ASA) and Firepower Threat Protection Tool (FTD). The excessive severity flaw is tracked as (CVE-2022-20866) stumbled on in the handling of RSA keys on devices running Cisco Adaptive Safety Appliance Tool and Cisco Firepower Threat Protection Tool.

If the flaw is successfully exploited, it might perchance per chance perchance enable an unauthenticated, far-off attacker to retrieve an RSA non-public key.

“This vulnerability is due to the a great judgment error when the RSA secret’s kept in memory on a hardware platform that performs hardware-based cryptography. An attacker might perchance exploit this vulnerability by utilizing a Lenstra side-channel attack against the targeted tool”, reads the safety advisory published by Cisco.

Weak Merchandise

The flaw affects the listed Cisco merchandise which assassinate hardware-based cryptographic beneficial properties in the occasion that they are running a susceptible free up of Cisco ASA Tool or Cisco FTD Tool:

  • ASA 5506-X with FirePOWER Products and services
  • ASA 5506H-X with FirePOWER Products and services
  • ASA 5506W-X with FirePOWER Products and services
  • ASA 5508-X with FirePOWER Products and services
  • ASA 5516-X with FirePOWER Products and services
  • Firepower 1000 Series Subsequent-Generation Firewall
  • Firepower 2100 Series Safety Appliances
  • Firepower 4100 Series Safety Appliances
  • Firepower 9300 Series Safety Appliances
  • Trusty Firewall 3100

Listing of Prerequisites that May well also simply Be Noticed On an Affected Diagram:

  • This can influence spherical 5 percent of the RSA keys on a tool that is running a susceptible free up of ASA Tool or FTD Tool; now not all RSA keys are expected to be affected because of the mathematical calculations utilized to the RSA key.
  • The RSA key might perchance be official however contain explicit traits that construct it at risk of the ability leak of the RSA non-public key.
  • The RSA key might perchance be malformed and invalid. A malformed RSA secret’s now not purposeful, and a TLS client connection to a tool that is running Cisco ASA Tool or Cisco FTD Tool that makes utilize of the malformed RSA key will result in a TLS signature failure, that ability a susceptible tool free up created an invalid RSA signature that failed verification. If an attacker obtains the RSA non-public key, they would perchance utilize the major to impersonate a tool that is running Cisco ASA Tool or Cisco FTD Tool or to decrypt the tool traffic.

Cisco mentions that any RSA key on a susceptible tool free up, aside from where it became as soon as at the start place generated, might perchance be malformed or susceptible. Which ability truth there is a risk that the RSA non-public key can also simply also be leaked to malicious actors.

Fixed Releases

ASA Tool

Cisco ASA Tool Start First Fixed Start
9.15 and earlier1 No longer susceptible
9.16 9.16.3.19
9.17 9.17.1.13
9.18 9.18.2

FTD Tool

Cisco FTD Tool Start First Fixed Start
6.7.0 and earlier1 No longer susceptible
7.0.0 7.0.4
7.1.0 Cisco_FTD_Hotfix_P-7.1.0.2-2.sh.REL.tar
Cisco_FTD_SSP_FP1K_Hotfix_P-7.1.0.2-2.sh.REL.tar
Cisco_FTD_SSP_FP2K_Hotfix_P-7.1.0.2-2.sh.REL.tar
Cisco_FTD_SSP_Hotfix_P-7.1.0.2-2.sh.REL.tar
Cisco_FTD_SSP_FP3K_Hotfix_Q-7.1.0.3-2.sh.REL.tar
7.2.0 7.2.0.1

Cisco has credited Nadia Heninger and George Sullivan of the College of California San Diego and Jackson Sippe and Eric Wustrow of the College of Colorado Boulder for reporting the safety flaw. The Product Safety Incident Response Group (PSIRT) of the firm stumbled on no proof of exploitation in attacks.

Also, Download a Free Guidelines for Securing Your Conducting Network Here.

Source credit : cybersecuritynews.com

Related Posts