When NSA says CVE-2020-0601 enables Remote Code Execution, they mean that trusted communication channels like automatic update downloads and non-validated input between systems could be modified in-transit by a MitM, to cause RCE or other malevolent ends.
This vulnerability is not about a wormable global takedown of computers, but instead resourced attackers who own network transit points being able to modify communication streams at-will. Basically, nation-state APTs who routinely compromise foreign network infrastructure.
The gravest impacts of this are established societal and industrial infrastructure. Bank communications. Infrastructure control. Heavy industry. This is a much different threat than is traditionally discussed or news consumers really understand the ramifications of.
Because both TLS communication stream encryption and Authenticode file validation are impacted by this flaw in PKI validation, the normal ways this is guarded against for program updates, are both compromised. There are a few that go beyond this, but it’s exceptionally rare.
This is a fast-checkmate flaw for a hugely resourced and patient global actor like the NSA, but it’s a far greater systemic threat to the United States, which explains why this was properly disclosed to Microsoft.
Innumerable protocols and transactions are protected with x509. Enterprise voice, VPN, really everything these days is being wrapped up in HTTPS and sent over the Internet. And they all rely on Windows’ correct implementation, which is at fault here.
This probably impacts SmartCards / authentication devices that emulate them, too. The US government uses them extensively for access control on secure networks worldwide.
@dakami prodded me to mention this.
Note this SmartCard attack scenario is pure speculation and not based on any background info. I’m not sure if it would work since it might be the wrong place in the chain, I’m not sure.
UPDATE: Attacking SmartCard through this flaw is not likely since it leverages elliptic curve, and those cards are very stuck on RSA. In theory it could be in an artisanal environment, not something to really worry about. I’m leaving these tweets up so others speculating can see.
NEW:
@tqbf along with several other cryptographers speculate on how CVE-2020-0601 works at a technical level: https://news.ycombinator.com/item?id=22048619
^
@BearSSLnews is the other cryptographer. Update on the SmartCard attack vector: It could work with right scenario, but in practice there aren’t really private roots signing with ECDSA, so there are likely no vulnerable intermediaries. And smartcards are pinned to a private root
Microsoft have built extensive alerting for CVE-2020-0601 which will definitely complicate exploitation, since there are few in a network position to interdict your traffic, except governments. Yes, I know about WiFi/Responder, that’s not the main problem here. https://twitter.com/AmitaiTechie/status/1217156973268893696
After FLAME abused a Microsoft certificate for malware, MSFT added large numbers of hardening solutions to WinUpdate, even for significant security break scenarios. It appears because of this, Windows Update itself is not vulnerable to CVE-2020-0601. https://twitter.com/gossithedog/status/1217242998418935809
This appears to show a private exploit for CVE-2020-0601 has now been developed. Saleem is a trusted researcher. https://twitter.com/saleemrash1d/status/1217495681230954506
Update: Chrome has also fallen to CVE-2020-0601 after a few extra constraints it imposes were met. It’s not a web browser’s fault or responsibility to defeat an OS-level problem, it’s a flaw in the most basic tenets of Windows’ PKI validation. https://twitter.com/saleemrash1d/status/1217519809732259840
Sidenote: Intermediate CA certificate chaining and caching is an interesting problem that can happen in TLS. If you can’t figure out a validation problem, this may be the root cause. And it’s often overlooked since it “works on the developer’s machine” due to their own habits.
Update:
- Chrome’s next version (Beta pending release) will detect CVE-2020-0601.
- The New Edge browser Microsoft released today also defeats it.
It’s not their responsibility to do this, but it is cool to go the extra mile. I don’t have a contact in Firefox about their plans.
I don’t have public documentation to prove this, you’re going to have to contact a security researcher who has an exploit and ask them to test my information.
Ah interesting! Firefox unaffected, makes sense, doh. Although Firefox has adopted parts of the Windows PKI engine for enterprise compatibility, they’re still based on their in-house NSS engine. My oversight. Thanks @saleemrash1d, follow them for more info https://twitter.com/saleemrash1d/status/1217533569213640705
Mozilla through their NSS engine and trusted certificate store program are a critical part of the global PKI system, we’re lucky to have their diversity of implementation. A very under-appreciated fact outside of small circles.
Well there we go, a public break released, after a couple of private examples provided yesterday. NSA obviously understood perfectly how fast this would happen. I did not properly gauge how that factored into their urgency. https://twitter.com/kennwhite/status/1217816643725930498