New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security

Ruhr University Bochum security researchers have found a flaw in the Secure Shell (SSH) cryptographic network protocol that might let an attacker compromise the integrity of the secure channel and reduce the security of the connection.

It has been stated that Terrapin (CVE-2023-48795, CVSS score: 5.9) is the “first ever practically exploitable prefix truncation attack.”

Researchers Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk stated that “an attacker can remove an arbitrary amount of messages sent by the client or server at the beginning of the secure channel without the client or server noticing it read more New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *