ssh key reuse in Thales/Gemalto/SafeNet products
Categories: [Security]
Overview
Several Thales products (formerly Gemalto or SafeNet) embed the system's ssh key when the image is created.
Affected products
- ProtectV 3.5 through 4.10.0
- KeySecure "Next Generation" (all versions)
- Ciphertrust Manager before 2.4
Vulnerability ID
CVE-2021-xxxxx (Waiting for number assignment by Thales)
Impact
Every virtual appliance uses the same server-side ssh keys, potentially allowing credential theft.
With access to source code, an attacker could build a malicious HSM or other appliance to capture credentials or keys.
While the chance to exploit this is pretty low, an encryption vulnerability an HSM vendor is egregious.
Workaround
You can regenerate ssh host keys on an existing system from the console or an existing ssh connection.
rm /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
/etc/init.d/ssh restartTimeline
Note: I noticed this bug in March 2017 while testing ProtectV 3.5, and informed (at the time) Gemalto professional support. We implemented version 2.x which was not impacted. Unfortunately I didn't follow up on this until researching upgrade options.
- 1/19/2021: Initial report to Thales PSIRT, received response
- 4/9/2021: Emailed again for follow-up
- 4/12/2021: Thales responded that they'll follow up with the related team and provide status
- 4/19/2021: Thales responds and verifies vulnerability
- 4/19/2021: Emailed Thales and requested timeframe
- 6/3/2021: Emailed again for follow-up
- 6/17/2021: Emailed again for follow-up
- 6/17/2021: Thales responds that they'll get status and respond the next day
- 6/22/2021: Emailed again for follow-up. In the email I noted that the release notes implied that they had fixed the issue silently.1
- 6/28/2021: Thales responds that they are escalating the issue with the related team for urgent status.
- 6/30/2021: Thales responds that a security advisory was published on May 5 on their customer-only portal. I no longer have access to the customer portal, so I cannot verify this.
- 7/1/2021-7/5/2021: Discussion around who applies for the CVE ID. Thales offers to request the ID.
-
https://thalesdocs.com/ctp/cm/latest/release_notes/index.html#ssh-key-fingerprint-change-after-upgrade ↩