PuTTY vulnerability can be exploited to recover private keys (CVE-2024-31497)
A vulnerability in PuTTY, a popular SSH and Telnet client, could allow attackers to recover NIST P-521 client keys because of "heavily biased" ECDSA nonces, researchers have discovered.
According to PuTTY maintainers, 521-bit ECDSA is the only affected key type.
CVE-2024-31497 allows an attacker that knows the public key and around 60 valid ECDSA signatures generated by any PuTTY component under the same key to derive the private key, which they can then use to log into any SSH servers that key is used for.
"If the key has been used to sign arbitrary data, the publicly available signatures can be used as well," Bäumer noted.
As Bäumer pointed out, all NIST P-521 client keys used with PuTTY must be considered compromised and should be revoked.
"Remove the old public key from all OpenSSH authorized keys files, and the equivalent in other SSH servers, so that a signature from the compromised key has no value any more. Then generate a new key pair to replace it," PuTTY maintainers advised.
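To support the removal step the maintainers describe, the following added example (not code from the article or the PuTTY project) scans the text of an OpenSSH authorized keys file for `ecdsa-sha2-nistp521` entries so they can be reviewed and replaced. The function names and the sample entries are constructed for illustration; a public key does not reveal which client produced its signatures, so every P-521 entry is reported.

```python
import base64
import struct

AFFECTED = "ecdsa-sha2-nistp521"  # the only key type the advisory lists as affected

def blob_key_type(b64_blob):
    """Return the key type named inside an SSH public key blob, or None."""
    try:
        raw = base64.b64decode(b64_blob, validate=True)
        (length,) = struct.unpack(">I", raw[:4])  # blob starts with a length-prefixed type
        name = raw[4:4 + length]
        return name.decode("ascii") if len(name) == length else None
    except (ValueError, struct.error):
        return None

def find_p521_keys(text):
    """Return [(line_number, comment)] for each P-521 entry in authorized_keys text."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        # An options prefix (command="...", no-pty, ...) may precede the key type,
        # so look for the type token and confirm it against the decoded blob.
        for i, tok in enumerate(fields[:-1]):
            if tok == AFFECTED and blob_key_type(fields[i + 1]) == AFFECTED:
                hits.append((lineno, " ".join(fields[i + 2:])))
                break
    return hits

def _fake_blob(key_type):
    """Constructed placeholder blob: length-prefixed type name plus dummy bytes."""
    name = key_type.encode("ascii")
    return base64.b64encode(struct.pack(">I", len(name)) + name + b"\x00" * 16).decode()

SAMPLE = "\n".join([
    "# constructed sample, not real keys",
    f"ssh-ed25519 {_fake_blob('ssh-ed25519')} alice@laptop",
    f"{AFFECTED} {_fake_blob(AFFECTED)} bob@workstation",
    f'command="/usr/bin/backup",no-pty {AFFECTED} {_fake_blob(AFFECTED)} backup key',
    f"{AFFECTED} {_fake_blob('ssh-ed25519')} mismatched-entry",
])

if __name__ == "__main__":
    for lineno, comment in find_p521_keys(SAMPLE):
        print(f"line {lineno}: P-521 key ({comment or 'no comment'}) - review and replace")
```

Pass the contents of each account's authorized keys file to `find_p521_keys` and remove or replace the reported lines.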
News URL
https://www.helpnetsecurity.com/2024/04/16/cve-2024-31497/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-04-15 | CVE-2024-31497 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products. In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. | 5.9 |