"Terrapin Attack Allows to Downgrade SSH Protocol Security"

Ruhr University Bochum security researchers discovered Terrapin, a vulnerability tracked as CVE-2023-48795 with a CVSS score of 5.9, in the Secure Shell (SSH) cryptographic network protocol. The exploitation of the flaw allows an attacker to downgrade the connection's security. Terrapin is a prefix truncation attack that compromises the integrity of SSH's secure channel. According to the team, an attacker can remove an arbitrary number of messages sent by the client or server at the start of the secure channel by carefully adjusting the sequence numbers during the handshake without the client or server noticing. In practice, the attacker can lower the connection's security by truncating the extension negotiation message from the transcript. This article continues to discuss the Terrapin attack.

Security Affairs reports "Terrapin Attack Allows to Downgrade SSH Protocol Security"

Submitted by grigby1