Connect with us

Hi, what are you looking for?


Data Protection

Old Crypto Vulnerability Hits Major Tech Firms

A team of researchers has revived an old crypto vulnerability and determined that it affects the products of several major vendors and a significant number of the world’s top websites.

A team of researchers has revived an old crypto vulnerability and determined that it affects the products of several major vendors and a significant number of the world’s top websites.

Last month, F5 Networks informed customers that some of its BIG-IP products include a vulnerability that can be exploited by a remote attacker for recovering encrypted data and launching man-in-the-middle (MitM) attacks.

The security hole was reported to the vendor by Tripwire’s Craig Young, researcher and journalist Hanno Böck, and Juraj Somorovsky of Ruhr-Universität Bochum. The experts noted at the time that the issue affected products from other vendors as well and promised to release details at a later time.

While proof-of-concept (PoC) code will only be made available after affected organizations have had a chance to patch their systems, the researchers have published some additional details.ROBOT crypto attack

The attack method now has a name, a logo and a website. It has been dubbed ROBOT (Return Of Bleichenbacher’s Oracle Threat) and, as the name suggests, it’s related to an attack method discovered by Daniel Bleichenbacher back in 1998.

The vulnerability affects TLS connections that use RSA encryption and it can allow an attacker to access protected data. The weakness, however, cannot be exploited to obtain private keys.

“For hosts that are vulnerable and only support RSA encryption key exchanges it’s pretty bad. It means an attacker can passively record traffic and later decrypt it,” researchers explained. “For hosts that usually use forward secrecy, but still support a vulnerable RSA encryption key exchange the risk depends on how fast an attacker is able to perform the attack. We believe that a server impersonation or man in the middle attack is possible, but it is more challenging.”

In addition to F5, the vulnerability impacts products from Citrix (CVE-2017-17382), Radware (CVE-2017-17427), Cisco (CVE-2017-17428), Bouncy Castle (CVE-2017-13098), Erlang (CVE-2017-1000385) and WolfSSL (CVE-2017-13099). These organizations have released patches, except for Cisco, whose vulnerable ACE appliances have reached end-of-life. Several other vendors are also affected, but they will not be named until they release fixes.

Advertisement. Scroll to continue reading.

Experts have determined that the best workaround is to disable RSA encryption, an action which they believe has relatively low costs.

Researchers have made available an online tool that can be used to test public HTTPS servers. An analysis showed that at least 27 of the top 100 Alexa websites, including Facebook and PayPal, were affected.

The vulnerability that allows ROBOT attacks has been known since 1998 and several variations have been found over the years. One recent version of the attack is known as DROWN, which Somorovsky and several others discovered last year.

Each new attack method resulted in a series of countermeasures being developed to protect systems against potential attacks. However, these measures have become increasingly complex, making them difficult for vendors to implement.

The experts who discovered ROBOT said the vulnerability had been hiding in plain sight and the attack involves only minor modifications to the original Bleichenbacher method.

Related: Experts Find Faster Way to Exploit Infineon Chip Crypto Flaw

Related: “Ticketbleed” Flaw Exposes F5 Appliances to Remote Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.