#VU46573 Raccoon attack in OpenSSL - CVE-2020-1968


| Updated: 2023-10-30

Vulnerability identifier: #VU46573

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2020-1968

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenSSL
Server applications / Encryption software

Vendor: OpenSSL Software Foundation

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a timing flaw in the TLS specification. A remote attacker can compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite and eavesdrop on all encrypted communications sent over that TLS connection.

Note: The attack can only be exploited if an implementation re-uses a DH secret across multiple TLS connections.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

OpenSSL: 1.0.2h - 1.0.2p

External links
https://www.openssl.org/news/secadv/20200909.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Ubuntu update for openssl
Multiple vulnerabilities in Dell ThinOS
Multiple vulnerabilities in IBM QRadar SIEM
Multiple vulnerabilities in Dell Networker
Multiple vulnerabilities in IBM Rational Build Forge
Raccoon attack in IBM Engineering Workflow Management (EWM)
Gentoo update for OpenSSL
Multiple vulnerabilities in Hitachi Energy Gateway Station (GWS)
Multiple vulnerabilities in Hitachi Energy FACTS Control Platform (FCP)
Junos OS update for OpenSSL