PuTTY vulnerability can be exploited to recover private keys (CVE-2024-31497)

A vulnerability in PuTTY, a popular SSH and Telnet client, could allow attackers to recover NIST P-521 client keys because of "heavily biased" ECDSA nonces, researchers have discovered.
According to PuTTY maintainers, 521-bit ECDSA is the only affected key type.
CVE-2024-31497 allows an attacker who knows the public key and around 60 valid ECDSA signatures generated by any PuTTY component under the same key to derive the private key, which they can then use to log in to any SSH server that key is used for.
"If the key has been used to sign arbitrary data, the publicly available signatures can be used as well," Bäumer noted.
As Bäumer pointed out, all NIST P-521 client keys used with PuTTY must be considered compromised and should be revoked.
"Remove the old public key from all OpenSSH authorized keys files, and the equivalent in other SSH servers, so that a signature from the compromised key has no value any more. Then generate a new key pair to replace it," PuTTY maintainers advised.
News URL
https://www.helpnetsecurity.com/2024/04/16/cve-2024-31497/
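A defender-side check for the maintainers' remediation advice above, as an added example that is not from the article or the PuTTY project: it scans `authorized_keys` text for entries whose key blob declares NIST P-521, so each one can be reviewed and removed if the key was ever used with PuTTY. The function names and the sample file contents are constructed for illustration; the server side cannot tell which client produced a key, so every hit is only a candidate for review.

```python
import base64
import re
import struct

P521 = "ecdsa-sha2-nistp521"
KEY_RE = re.compile(r"(?:^|\s)" + re.escape(P521) + r"\s+([A-Za-z0-9+/=]+)")

def read_string(buf, off):
    """Read one SSH wire-format string (uint32 length, then that many bytes)."""
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("truncated string")
    return buf[off + 4:off + 4 + n], off + 4 + n

def is_p521_blob(b64):
    """True if the decoded blob itself declares key type and curve as P-521."""
    try:
        blob = base64.b64decode(b64, validate=True)
        ktype, off = read_string(blob, 0)
        curve, _ = read_string(blob, off)
    except (ValueError, struct.error):
        return False
    return ktype == P521.encode() and curve == b"nistp521"

def find_p521_keys(text):
    """Return (line_number, comment) for each active P-521 entry."""
    hits = []
    for no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):
            continue  # commented-out entries grant no access
        for m in KEY_RE.finditer(line):
            if is_p521_blob(m.group(1)):
                hits.append((no, line[m.end():].strip()))
                break
    return hits

def make_blob(*fields):
    """Build a constructed key blob (placeholder bytes, not a real key)."""
    raw = b"".join(struct.pack(">I", len(f)) + f for f in fields)
    return base64.b64encode(raw).decode()

# Constructed sample file contents; users and hosts are made up.
SAMPLE = "\n".join([
    "ssh-ed25519 " + make_blob(b"ssh-ed25519", bytes(32)) + " alice@laptop",
    'from="10.0.0.0/8",no-pty ' + P521 + " "
    + make_blob(P521.encode(), b"nistp521", b"\x04" + bytes(132)) + " bob@win-desktop",
    P521 + " AAAA not-a-key",
])
print(find_p521_keys(SAMPLE))
```

Decoding the blob, rather than trusting the text label alone, keeps malformed lines and option strings that merely mention the key type out of the results.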
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-04-15 | CVE-2024-31497 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. | 5.9 |