A fresh SSL vulnerability has been detected, which allows attackers to intercept HTTPS connections.
Name FREAK (Factoring attack on RSA-EXPORT Keys), it intercepts vulnerable clients and servers and forces them to use ‘export-grade’ cryptography, which can then be decrypted. Specifically vulnerable are Apple and Google browsers, according to researchers who uncovered the flaw.
With many Google and Apple devices vulnerable and a patch due from Apple next week, the details of the flaw claim that it exists if a server accepts RSA_EXPORT cipher suites, and the client either offers an RSA_EXPORT suite or is using a version of OpenSSL, then it is vulnerable to CVE-2015-0204.
Specifically vulnerable are websites that support RSA export cipher suites. Users are recommended to disable support for export suites if you run a web server, and instead of simply excluding RSA export cipher suites, to disable support for all known insecure ciphers and enable forward secrecy.
A full list of vulnerable websites includes news websites, recruitment sites and financial services companies. According to the Washington Post, the flaw resulted from a former US Government policy, which forbade the export of strong encryption and required that weaker “export-grade” products be shipped to customers in other countries.
Although those restrictions were lifted in the late 1990s, the weaker encryption got built into widely used software that proliferated around the world and was apparently unnoticed until this year.
TK Keanini, CTO of Lancope, said: “The vulnerability exists because weak cryptographic methods were once optional. Everyone has moved to stronger cryptographic methods but some clients and servers historically can still negotiate to these weaker crypto.
“Users who need to be extra cautious here are ones who, by design, have an entity in the middles of their traffic. For example, some nation states control Internet gateways in and out of their nation and because of this topological placement are in an optimal place to exploit everyday users. Hopefully this will not last long and clients and servers will be patched and are kept from negotiating to this weak cipher.
“While it is not trivial to exploit, the most advanced threat actors do have the capabilities to exploit this vulnerability. Never underestimate the advanced threat actor. It is best to bias toward the worse case and proceed with caution.”