- Security researchers have discovered a new vulnerability called Terrapin that impacts the Secure Shell (SSH) network protocol.
- According to the study, at least 77% of SSH servers support modes that can be exploited through the vulnerability.
Security researchers from Germany’s Ruhr University Bochum have found a vulnerability in Secure Shell (SSH) cryptographic network protocol that can enable malicious actors to reduce protections in what is normally considered a secure channel. The vulnerability is known as Terrapin, the CVE-2023-48795, which is a prefix truncation attack.
The Terrapin vulnerability allows attackers to extract messages from servers and clients by making changes to sequence numbers during handshake processes to establish secure communication channels. This reduces the security of the connections, weakening authentication algorithms and stopping protections against attacks that involve timing keystrokes.
See More: 1.3M LoanCare Borrowers Data Exfiltrated in Fidelity National Financial Breach
The vulnerability is the very first practically exploitable prefix truncation attack found by researchers, which is part of a new group of attacks that…
?xml>
