SonicWall Security Advisory
On December 18th, 2023, researchers from the Ruhr University
Bochum published a protocol flaw in the SSH v2 protocol, called Terrapin
The flaw allows removing encrypted SSH messages at the begin
of the communication, allowing downgrade of security aspects of SSH
This occurs because the SSH Binary Packet Protocol (BPP), mishandles the handshake phase, and mishandles
use of sequence numbers.
To carry out the Terrapin attack, a threat actor must be
capable of performing a man-in-the-middle (MITM) attack at the network layer. Another precondition
is that the connection must be secured by either ChaCha20-Poly1305 or CBC with
Last updated: Jan. 16, 2024, 6:37 a.m.