SSH Protocol Found Vulnerable to New Terrapin Attack

The Terrapin vulnerability CVE-2023-48795 compromises secure access to network services, posing a threat to internet security.

January 3, 2024

Cybersecurity Risks
  • Security researchers have discovered a new vulnerability called Terrapin that impacts the Secure Shell (SSH) network protocol.
  • According to the study, at least 77% of SSH servers support modes that can be exploited through the vulnerability.

Security researchers from Germany’s Ruhr University Bochum have found a vulnerability in the Secure Shell (SSH) cryptographic network protocol that can enable malicious actors to reduce protections in what is normally considered a secure channel. The vulnerability, known as Terrapin and tracked as CVE-2023-48795, is a prefix truncation attack.

The Terrapin vulnerability allows attackers to extract messages from servers and clients by changing sequence numbers during the handshake that establishes the secure communication channel. This reduces the security of the connection, weakening authentication algorithms and disabling protections against keystroke timing attacks.


The vulnerability is the first practically exploitable prefix truncation attack found by researchers and is part of a new group of attacks that primarily target cryptographic network protocols.

To execute a Terrapin attack, threat actors need man-in-the-middle capabilities to adjust traffic at the network layer. The attack especially affects encryption algorithms with the -cbc suffix.

Using vulnerability scanners has been recommended to check for susceptible servers and clients. In addition, client and server updates and long-term awareness programs will be required to stave off the effects of the Terrapin vulnerability.


Anuj Mudaliar
Anuj Mudaliar is a content development professional with a keen interest in emerging technologies, particularly advances in AI. As a tech editor for Spiceworks, Anuj covers many topics, including cloud, cybersecurity, emerging tech innovation, AI, and hardware. When not at work, he spends his time outdoors - trekking, camping, and stargazing. He is also interested in cooking and experiencing cuisine from around the world.