Skip to main content

Prevent SSL ROBOT attacks

ROBOT (Return of Bleichenbacher's Oracle Threat) reappears. This vulnerability in SSL/TLS appeared first in 1998.

Security assessment

Security_Assessment_ PreventSSLROBOT

CVSS vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability information

In 1998, Daniel Bleichenbacher identified a vulnerability in using RSA encryption. Error codes issued by SSL servers for PKCS #1 v1.5 padding errors made it possible for malicious users to abuse an adaptive chosen-ciphertext attack vulnerability. This way, they could break the TLS confidentiality through error messages.

Three researchers rediscovered the vulnerability 19 years after the initial attack was found. They warned websites and software vendors that were affected and this is how the name 'Return of Bleichenbacher's Oracle Threat (ROBOT attack) came to be.

Impact of the 'Return of Bleichenbacher's Oracle Threat'

The ROBOT vulnerability is quite severe for hosts that use only RSA encryption key exchanges. In such cases, attackers can record SSL/TLS traffic and use it for malicious purposes by later decryption.

Hosts that support RSA encryption modes but use forward secrecy are not high risk. Performing Server Impersonation or a Man-in-the-Middle attack may be plausible, but the attacks must be executed quickly.

The ROBOT vulnerability affected numerous popular vendors and vulnerable software solutions, including Cisco, Citrix (CVE-2017-17382 Security Advisory), F5, IBM GSKit, Palo Alto Networks, and more. In addition, highly used and top-rated websites like Facebook and PayPal were also susceptible to the attack and many other vulnerable applications. Among the 100 Alexa-ranked domains, 27 were exposed to ROBOT. In addition, other items using SSL/TLS like VPNs, routers, switches, cameras, and wireless access points were also vulnerable.

Prevent attacks

To prevent potential ROBOT attack scenarios, your first step is to ensure that your SSL/TLS server is up-to-date.

To ensure complete protection, avoiding using RSA cipher suites that may be affected by the vulnerability is essential. See the resource on Secure TLS Configuration for guidelines on disabling these cipher suites.

What's the state of your digital security, and how protected is your web app or API? You can use the DAST Essentials to check for ROBOT vulnerability and find out if any elements in your systems are susceptible to threats like it.