PuTTY vulnerability vuln-p521-bias CVE-2024-31497


Userlevel 7
Badge +8

CVE - CVE-2024-31497 (mitre.org)

PuTTY vulnerability vuln-p521-bias (greenend.org.uk)

 

summary: NIST P521 private keys are exposed by biased signature generation
class: vulnerability: This is a security vulnerability.
priority: high: This should be fixed in the next release.
absent-in: 0.67
present-in: 0.68 0.69 0.70 0.71 0.72 0.73 0.74 0.75 0.76 0.77 0.78 0.79 0.80
fixed-in: c193fe9848f50a88a4089aac647fecc31ae96d27 (0.81)

 

Hi guys,

PuTTY Releases Security Update to Address Critical Vulnerability

PuTTY developers have warned of a critical vulnerability affecting versions 0.68 to 0.80. The flaw could allow an attacker to fully recover NIST-P521 private keys.

The vulnerability, CVE-2024-31497, stems from errors in ECDSA cryptographic number generation, enabling private key recovery. The discovery of the flaw is attributed to researchers Fabian Bäumer and Markus Brinkmann of Ruhr University Bochum.

The first 9 bits of each ECDSA nonce are zero, allowing for the complete recovery of the private key from approximately 60 signatures using state-of-the-art techniques.

A malicious actor possessing several dozen signed messages and a public key would have sufficient data to recover the private key and forge signatures, potentially leading to unauthorized access to servers and services that utilize this key.

The issue also affected other products integrated with vulnerable PuTTY versions:

  • FileZilla (3.24.1 – 3.66.5)
  • WinSCP (5.9.5 – 6.3.2)
  • TortoiseGit (2.4.0.2 – 2.15.0)
  • TortoiseSVN (1.10.0 – 1.14.6)

Following responsible disclosure, the issue has been addressed in new releases of PuTTY 0.81, FileZilla 3.67.0, WinSCP 6.3.3, and TortoiseGit 2.15.0.1.

Product developers have adopted the RFC 6979 technique to generate all DSA and ECDSA key types, abandoning the previous method. TortoiseSVN users are advised to utilize Plink from the latest PuTTY 0.81 release when accessing SVN repositories via SSH until an update is released.

NIST-P521 ECDSA keys used in any of the affected components should be considered compromised and immediately revoked by removing them from "~/.ssh/authorized_keys" and similar files on other SSH servers.


9 comments

Userlevel 7
Badge +17

Thanks for sharing @Link State. I'll need to download new versions of PuTTY & WinSCP, it appears 🤷🏼‍♂️

Userlevel 7
Badge +20

Looks like PuTTY and WinSCP updates today due to this security alert. Thanks for sharing. 👍

Userlevel 7
Badge +7

Thanks @Link State 

Veeam will have to create an update cause Putty is integrated in the toolbox
 

 

Userlevel 7
Badge +12

Hi all

Our upcoming Patch 12.1.2 will include Putty 0.81.

 

Best,

Fabian

Userlevel 7
Badge +20

Hi all

Our upcoming Patch 12.1.2 will include Putty 0.81.

 

Best,

Fabian

Ooh when is that?  LOL 😋

Yes I know when it is ready.  😂

Userlevel 7
Badge +20

If you are worried about security with Putty then you can download the latest EXE file and place it here for Veeam to use the 0.81 release - Program Files\Veeam\Backup and Replication\Console\PUTTY

I just renamed the EXE located here (backup) and copied over the new one 0.81 which now works when launching from the VBR console.

Userlevel 7
Badge +8

If you are worried about security with Putty then you can download the latest EXE file and place it here for Veeam to use the 0.81 release - Program Files\Veeam\Backup and Replication\Console\PUTTY

I just renamed the EXE located here (backup) and copied over the new one 0.81 which now works when launching from the VBR console.

Nice workaround m8! 😎

Userlevel 7
Badge +8

Hi all

Our upcoming Patch 12.1.2 will include Putty 0.81.

 

Best,

Fabian

need MOAR info 👀

Userlevel 7
Badge +7

Thanks for sharing @Link State 

In terms of the vulnerability, unless the Putty installation that is included with Veeam is being used for SSH connections it should be fine to wait for the update from Veeam. 

Additionally, the attacker would need to have compromised the server. 

More serious is that the P521 private keys generated using the vulnerable version of Putty should be considered vulnerable and replaced.
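An added example, not part of the thread or of any vendor's tooling: the original post says affected NIST-P521 keys should be removed from "~/.ssh/authorized_keys", and the last comment says such keys should be replaced, so this Python sketch lists the `ecdsa-sha2-nistp521` entries in an authorized_keys file for review. The function names and the sample entries are constructed for illustration; the file alone cannot show whether a key was ever used with an affected client, so each hit is a candidate to check with its owner.

```python
import base64
import re
import struct

P521_TYPE = "ecdsa-sha2-nistp521"
# Key type, base64 blob, optional comment; options (from=, command=) may precede.
KEY_RE = re.compile(r"(?:^|\s)ecdsa-sha2-nistp521\s+([A-Za-z0-9+/]+={0,2})(?:\s+(.*))?$")

def blob_key_type(b64):
    """Return the key type named inside an SSH public key blob, or None."""
    try:
        raw = base64.b64decode(b64, validate=True)
        (length,) = struct.unpack(">I", raw[:4])
        return raw[4:4 + length].decode("ascii")
    except (ValueError, struct.error):
        return None

def find_p521_keys(text):
    """Return (line number, comment) for each P-521 ECDSA key in the text."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = KEY_RE.search(line)
        # Trust the type stored in the blob, not only the label in front of it.
        if m and blob_key_type(m.group(1)) == P521_TYPE:
            hits.append((lineno, (m.group(2) or "").strip()))
    return hits

def _blob(key_type, *fields):
    """Build a constructed (not real) public key blob for the sample below."""
    parts = [key_type.encode(), *fields]
    return base64.b64encode(b"".join(struct.pack(">I", len(p)) + p for p in parts)).decode()

P521_BLOB = _blob(P521_TYPE, b"nistp521", b"\x04" + bytes(132))
ED_BLOB = _blob("ssh-ed25519", bytes(32))
SAMPLE = "\n".join([
    "# constructed sample, placeholder key material",
    f"ssh-ed25519 {ED_BLOB} alice@laptop",
    f'from="10.0.0.0/8",command="/usr/bin/backup run" {P521_TYPE} {P521_BLOB} putty-backup-key',
    f"# {P521_TYPE} {P521_BLOB} already-revoked",
])

if __name__ == "__main__":
    import sys
    text = open(sys.argv[1], errors="replace").read() if len(sys.argv) > 1 else SAMPLE
    for lineno, comment in find_p521_keys(text):
        print(f"line {lineno}: {P521_TYPE} key, comment: {comment or '-'}")
```

Run it with the path of an authorized_keys file as the only argument; with no argument it scans the constructed sample.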
