PuTTY vulnerability can be exploited to recover private keys (CVE-2024-31497)
A vulnerability in PuTTY, a popular SSH and Telnet client, could allow attackers to recover NIST P-521 client keys because of "heavily biased" ECDSA nonces, researchers have discovered.
According to PuTTY maintainers, 521-bit ECDSA is the only affected key type.
CVE-2024-31497 allows an attacker who knows the public key and around 60 valid ECDSA signatures generated by any PuTTY component under the same key to derive the private key, which they can then use to log into any SSH server that key is used for.
"If the key has been used to sign arbitrary data, the publicly available signatures can be used as well," Bäumer noted.
As Bäumer pointed out, all NIST P-521 client keys used with PuTTY must be considered compromised and should be revoked.
"Remove the old public key from all OpenSSH authorized keys files, and the equivalent in other SSH servers, so that a signature from the compromised key has no value any more. Then generate a new key pair to replace it," PuTTY maintainers advised.
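An added example (not from the article or from PuTTY) for the inventory step behind the maintainers' advice: it lists every `ecdsa-sha2-nistp521` entry in OpenSSH `authorized_keys` text so each can be reviewed for removal. It cannot tell whether a key was ever used with PuTTY; the function names are this example's own and the sample keys are constructed placeholders.

```python
import base64
import binascii
import re
import struct

AFFECTED = "ecdsa-sha2-nistp521"  # the only key type the advisory names
# Tokens are split on whitespace, except inside double-quoted option values.
TOKEN = re.compile(r'(?:[^\s"]|"(?:\\.|[^"\\])*")+')

def blob_algorithm(b64):
    """Return the algorithm name at the start of an SSH public key blob, or None."""
    try:
        blob = base64.b64decode(b64, validate=True)
    except (binascii.Error, ValueError):
        return None
    n = int.from_bytes(blob[:4], "big")  # length prefix of the first string
    if len(blob) < 4 + n:
        return None
    return blob[4:4 + n].decode("ascii", "replace")

def find_p521_keys(text):
    """Return [(line_number, comment)] for each P-521 ECDSA entry in authorized_keys text."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        tokens = TOKEN.findall(line)
        # Options may precede the key type, so accept any (type, blob) pair that agrees.
        for i in range(len(tokens) - 1):
            if tokens[i] == AFFECTED and blob_algorithm(tokens[i + 1]) == AFFECTED:
                hits.append((lineno, " ".join(tokens[i + 2:])))
                break
    return hits

def make_blob(*fields):
    """Constructed test data: correct wire framing, placeholder key material."""
    return base64.b64encode(b"".join(struct.pack(">I", len(f)) + f for f in fields)).decode()

P521 = make_blob(b"ecdsa-sha2-nistp521", b"nistp521", b"\x04" + bytes(132))
P256 = make_blob(b"ecdsa-sha2-nistp256", b"nistp256", b"\x04" + bytes(64))
ED = make_blob(b"ssh-ed25519", bytes(32))
SAMPLE = f'''# constructed sample file, not real keys
ssh-ed25519 {ED} alice@laptop
ecdsa-sha2-nistp521 {P521} bob@putty
command="/usr/bin/backup --all",no-pty ecdsa-sha2-nistp521 {P521} backup job
ecdsa-sha2-nistp256 {P256} carol@desktop
'''
```

To audit a real server, pass the contents of each account's `authorized_keys` file to `find_p521_keys`.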
News URL
https://www.helpnetsecurity.com/2024/04/16/cve-2024-31497/
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-04-15 | CVE-2024-31497 | In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. | 0.0 |