Cisco High Severity Flaw Let Attackers Retrieve RSA Private Key Remotely

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer

Post Sharing

Cisco released software updates that address the vulnerability affecting its Adaptive Security Appliance Software (ASA) and Firepower Threat Defense Software (FTD). The high severity flaw is tracked as (CVE-2022-20866) found in the handling of RSA keys on devices running Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software.

If the flaw is successfully exploited, it could allow an unauthenticated, remote attacker to retrieve an RSA private key.

“This vulnerability is due to a logic error when the RSA key is stored in memory on a hardware platform that performs hardware-based cryptography. An attacker could exploit this vulnerability by using a Lenstra side-channel attack against the targeted device”, reads the security advisory published by Cisco.

Vulnerable Products

The flaw affects the listed Cisco products which perform hardware-based cryptographic functions if they are running a vulnerable release of Cisco ASA Software or Cisco FTD Software:

  • ASA 5506-X with FirePOWER Services
  • ASA 5506H-X with FirePOWER Services
  • ASA 5506W-X with FirePOWER Services
  • ASA 5508-X with FirePOWER Services
  • ASA 5516-X with FirePOWER Services
  • Firepower 1000 Series Next-Generation Firewall
  • Firepower 2100 Series Security Appliances
  • Firepower 4100 Series Security Appliances
  • Firepower 9300 Series Security Appliances
  • Secure Firewall 3100

List of Conditions that May Be Observed On an Affected Device:

  • It will impact around 5 percent of the RSA keys on a device that is running a vulnerable release of ASA Software or FTD Software; not all RSA keys are expected to be affected due to mathematical calculations applied to the RSA key.
  • The RSA key could be valid but have specific characteristics that make it vulnerable to the potential leak of the RSA private key.
  • The RSA key could be malformed and invalid. A malformed RSA key is not functional, and a TLS client connection to a device that is running Cisco ASA Software or Cisco FTD Software that uses the malformed RSA key will result in a TLS signature failure, which means a vulnerable software release created an invalid RSA signature that failed verification. If an attacker obtains the RSA private key, they might use the key to impersonate a device that is running Cisco ASA Software or Cisco FTD Software or to decrypt the device traffic.

Cisco mentions that any RSA key on a vulnerable software release, apart from where it was originally generated, could be malformed or vulnerable. Therefore there is a possibility that the RSA private key can be leaked to malicious actors.

Fixed Releases

ASA Software

Cisco ASA Software Release First Fixed Release
9.15 and earlier1 Not vulnerable
9.16 9.16.3.19
9.17 9.17.1.13
9.18 9.18.2

FTD Software

Cisco FTD Software Release First Fixed Release
6.7.0 and earlier1 Not vulnerable
7.0.0 7.0.4
7.1.0 Cisco_FTD_Hotfix_P-7.1.0.2-2.sh.REL.tar Cisco_FTD_SSP_FP1K_Hotfix_P-7.1.0.2-2.sh.REL.tar Cisco_FTD_SSP_FP2K_Hotfix_P-7.1.0.2-2.sh.REL.tar Cisco_FTD_SSP_Hotfix_P-7.1.0.2-2.sh.REL.tar Cisco_FTD_SSP_FP3K_Hotfix_Q-7.1.0.3-2.sh.REL.tar
7.2.0 7.2.0.1

Cisco has credited Nadia Heninger and George Sullivan of the University of California San Diego and Jackson Sippe and Eric Wustrow of the University of Colorado Boulder for reporting the security flaw. The Product Security Incident Response Team (PSIRT) of the company found no evidence of exploitation in attacks.