CVE-2017-3737
published 2017-12-07CVE-2017-3737: OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then…
PriorityP351medium5.9CVSS 3.0
AVNACHPRNUINSUCHINAN
EPSS
78.67%
99.5th percentile
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In order to exploit this issue an application bug would have to be present that resulted in a call to SSL_read()/SSL_write() being issued after having already received a fatal error. OpenSSL version 1.0.2b-1.0.2m are affected. Fixed in OpenSSL 1.0.2n. OpenSSL 1.1.0 is not affected.
Affected
49 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | nodejs | — | — |
| debian | openssl | < openssl 1.1.0b-2 (bookworm) | openssl 1.1.0b-2 (bookworm) |
| nodejs | node.js | 4.0.0 – 4.1.2 | — |
| nodejs | node.js | >= 4.2.0 < 4.8.7 | 4.8.7 |
| nodejs | node.js | 6.0.0 – 6.8.1 | — |
| nodejs | node.js | >= 6.9.0 < 6.12.2 | 6.12.2 |
| nodejs | node.js | 8.0.0 – 8.8.1 | — |
| nodejs | node.js | >= 8.9.0 < 8.9.3 | 8.9.3 |
| nodejs | node.js | >= 9.0.0 < 9.2.1 | 9.2.1 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
| nodejs | nodejs | >= 0 < 8.9.3-r0 | 8.9.3-r0 |
Detection & IOCsextracted from sources · hover to see the quote
- →Look for TLS sessions where a fatal handshake alert is followed immediately by application-layer data records on the same TCP connection/SSL object — this indicates the error state bypass is being exploited. ↗
- →Monitor for attacker-controlled SSL servers sending malformed Server Hello messages to clients running OpenSSL 1.0.2b–1.0.2m, triggering ssl3_get_server_hello() fatal errors that set s->state to SSL_ST_ERR. ↗
- →For Node.js environments, flag active network connections using TLS or HTTP/2 modules where TLS handshake failure is followed by continued data exchange, as Node.js was specifically vulnerable via SSL_read() misuse. ↗
- →No authentication is required to exploit this vulnerability; any unauthenticated connection attempt to a vulnerable SSL endpoint should be considered a potential exploitation vector. ↗
- ·Only OpenSSL versions 1.0.2b through 1.0.2m are affected; OpenSSL 1.0.2n (patched) and OpenSSL 1.1.0 are NOT vulnerable. ↗
- ·Exploitation requires an application-level bug where SSL_read()/SSL_write() is called again after a fatal handshake error is returned — a correctly written application that checks errors is not exploitable. ↗
- ·The vulnerability does NOT affect the explicit handshake functions SSL_do_handshake(), SSL_accept(), and SSL_connect() — only direct calls to SSL_read()/SSL_write() are affected. ↗
- ·The 'error state' mechanism itself was only introduced in OpenSSL 1.0.2b; versions prior to 1.0.2b do not have this mechanism and are therefore not affected by this specific bypass. ↗
CVSS provenance
nvdv3.05.9MEDIUMCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
osv9.1CRITICAL
vendor_debian9.1LOW
vendor_redhat9.1CRITICAL
vendor_ubuntu5.9MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Siemens OpenSSL Vulnerability in Industrial Products (Update E)
cisa_ics·2019-02-12
Siemens OpenSSL Vulnerability in Industrial Products (Update E)
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Siemens OpenSSL Vulnerability in Industrial Products (Update E)
Last RevisedApril 09, 2019
Alert CodeICSA-18-226-02
## 1. EXECUTIVE SUMMARY
-
CVSS v3 5.9
- ATTENTION: Exploitable remotely
- Vendor: Siemens
- Equipment: Industrial Products
- Vulnerability: Cleartext Transmission of Sensitive Information
## 2. UPDATE INFORMATION
This updated advisory is a follow-up to the updated advisory titled ICSA-18-226-02 Siemens OpenSSL Vulnerability in Industrial Products (Update D) that was published February 12, 2019, on the NCCIC/ICS-CERT website.
## 3. RISK EVALUATION
Successful
Ubuntu
OpenSSL vulnerabilities
vendor_ubuntu·2017-12-11·CVSS 5.9
CVE-2017-3737 [MEDIUM] OpenSSL vulnerabilities
Title: OpenSSL vulnerabilities
Summary: Several security issues were fixed in OpenSSL.
David Benjamin discovered that OpenSSL did not correctly prevent
buggy applications that ignore handshake errors from subsequently calling
certain functions. (CVE-2017-3737)
It was discovered that OpenSSL incorrectly performed the x86_64 Montgomery
multiplication procedure. While unlikely, a remote attacker could possibly
use this issue to recover private keys. (CVE-2017-3738)
Instructions: After a standard system update you need to reboot your computer to make
all the necessary changes.
BSD
FreeBSD-SA-17:12.openssl: OpenSSL multiple vulnerabilities
bsd_advisories·2017-12-09·CVSS 5.9
CVE-2016-0701 [MEDIUM] FreeBSD-SA-17:12.openssl: OpenSSL multiple vulnerabilities
FreeBSD-SA-17:12.openssl Security Advisory
The FreeBSD Project
Topic: OpenSSL multiple vulnerabilities
Category: contrib
Module: openssl
Announced: 2017-12-09
Affects: All supported versions of FreeBSD.
Corrected: 2017-12-07 18:04:48 UTC (stable/11, 11.1-STABLE)
2017-12-09 03:44:26 UTC (releng/11.1, 11.1-RELEASE-p6)
2017-12-09 03:41:31 UTC (stable/10, 10.4-STABLE)
2017-12-09 03:45:23 UTC (releng/10.4, 10.4-RELEASE-p5)
2017-12-09 03:45:23 UTC (releng/10.3, 10.3-RELEASE-p26)
CVE Name: CVE-2017-3737, CVE-2017-3738
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .
I. Background
FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is
a collaborative effo
Red Hat
openssl: Read/write after SSL object in error state
vendor_redhat·2017-12-07·CVSS 5.9
CVE-2017-3737 [MEDIUM] CWE-391 openssl: Read/write after SSL object in error state
openssl: Read/write after SSL object in error state
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encr
Red Hat
nodejs: Vulnerable to CVE-2017-3737 due to embedded OpenSSL
vendor_redhat·2017-12-07·CVSS 9.1
CVE-2017-15896 [CRITICAL] CWE-391 nodejs: Vulnerable to CVE-2017-3737 due to embedded OpenSSL
nodejs: Vulnerable to CVE-2017-3737 due to embedded OpenSSL
Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the TLS or HTTP2 modules in a way that bypassed TLS authentication and encryption.
Package: nodejs (Red Hat OpenShift Enterprise 3) - Will not fix
Debian
CVE-2017-15896: nodejs - Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the us...
vendor_debian·2017·CVSS 9.1
CVE-2017-15896 [CRITICAL] CVE-2017-15896: nodejs - Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the us...
Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the TLS or HTTP2 modules in a way that bypassed TLS authentication and encryption.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
Debian
CVE-2017-3737: openssl - OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechani...
vendor_debian·2017·CVSS 5.9
CVE-2017-3737 [MEDIUM] CVE-2017-3737: openssl - OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechani...
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In orde
GHSA
GHSA-fwxf-w2h7-9w25: OpenSSL 1
ghsa_unreviewed·2022-05-13
CVE-2017-3737 [MEDIUM] CWE-125 GHSA-fwxf-w2h7-9w25: OpenSSL 1
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In orde
GHSA
GHSA-449x-cpjc-795h: Node
ghsa_unreviewed·2022-05-13·CVSS 5.9
CVE-2017-15896 [MEDIUM] GHSA-449x-cpjc-795h: Node
Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the TLS or HTTP2 modules in a way that bypassed TLS authentication and encryption.
OSV
CVE-2017-15896: Node
osv·2017-12-11·CVSS 9.1
CVE-2017-15896 [CRITICAL] CVE-2017-15896: Node
Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the TLS or HTTP2 modules in a way that bypassed TLS authentication and encryption.
OSV
openssl vulnerabilities
osv·2017-12-11·CVSS 5.9
CVE-2017-3737 [MEDIUM] openssl vulnerabilities
openssl vulnerabilities
David Benjamin discovered that OpenSSL did not correctly prevent
buggy applications that ignore handshake errors from subsequently calling
certain functions. (CVE-2017-3737)
It was discovered that OpenSSL incorrectly performed the x86_64 Montgomery
multiplication procedure. While unlikely, a remote attacker could possibly
use this issue to recover private keys. (CVE-2017-3738)
OSV
CVE-2017-3737: OpenSSL 1
osv·2017-12-07·CVSS 5.9
CVE-2017-3737 [MEDIUM] CVE-2017-3737: OpenSSL 1
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the explicit handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()), however due to a bug it does not work correctly if SSL_read() or SSL_write() is called directly. In that scenario, if the handshake fails then a fatal error will be returned in the initial function call. If SSL_read()/SSL_write() is subsequently called by the application for the same SSL object then it will succeed and the data is passed without being decrypted/encrypted directly from the SSL/TLS record layer. In orde
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2017-15896 nodejs: Vulnerable to CVE-2017-3737 due to embedded OpenSSL [fedora-26]
bugzilla·2017-12-12·CVSS 9.1
CVE-2017-15896 [CRITICAL] CVE-2017-15896 nodejs: Vulnerable to CVE-2017-3737 due to embedded OpenSSL [fedora-26]
CVE-2017-15896 nodejs: Vulnerable to CVE-2017-3737 due to embedded OpenSSL [fedora-26]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-26.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Discussion:
Use the following template to f
Bugzilla
CVE-2017-15896 nodejs: Vulnerable to CVE-2017-3737 due to embedded OpenSSL
bugzilla·2017-12-12·CVSS 9.1
CVE-2017-15896 [CRITICAL] CVE-2017-15896 nodejs: Vulnerable to CVE-2017-3737 due to embedded OpenSSL
CVE-2017-15896 nodejs: Vulnerable to CVE-2017-3737 due to embedded OpenSSL
Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure. The result was that an active network attacker could send application data to Node.js using the TLS or HTTP2 modules in a way that bypassed TLS authentication and encryption.
External References:
https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/
Discussion:
Created nodejs tracking bugs for this issue:
Affects: epel-6 [bug 1525107]
Affects: fedora-26 [bug 1525108]
Affects: openshift-1 [bug 1525109]
---
The Fedora and EPEL trackers were immediately closed as notabug because of those versions using system OpenSSL rather than bundled. However, it's not quite clear
Bugzilla
CVE-2017-15896 nodejs: Vulnerable to CVE-2017-3737 due to embedded OpenSSL [epel-6]
bugzilla·2017-12-12·CVSS 9.1
CVE-2017-15896 [CRITICAL] CVE-2017-15896 nodejs: Vulnerable to CVE-2017-3737 due to embedded OpenSSL [epel-6]
CVE-2017-15896 nodejs: Vulnerable to CVE-2017-3737 due to embedded OpenSSL [epel-6]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-6.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Discussion:
Use the following template to for the
Bugzilla
CVE-2017-3737 openssl: Read/write after SSL object in error state
bugzilla·2017-12-08·CVSS 5.9
CVE-2017-3737 [MEDIUM] CVE-2017-3737 openssl: Read/write after SSL object in error state
CVE-2017-3737 openssl: Read/write after SSL object in error state
OpenSSL 1.0.2 (starting from version 1.0.2b) introduced an "error state"
mechanism. The intent was that if a fatal error occurred during a handshake then
OpenSSL would move into the error state and would immediately fail if you
attempted to continue the handshake. This works as designed for the explicit
handshake functions (SSL_do_handshake(), SSL_accept() and SSL_connect()),
however due to a bug it does not work correctly if SSL_read() or SSL_write() is
called directly. In that scenario, if the handshake fails then a fatal error
will be returned in the initial function call. If SSL_read()/SSL_write() is
subsequently called by the application for the same SSL object then it will
succeed and the data is passed without being
Bugzilla
CVE-2017-3737 CVE-2017-3738 mingw-openssl: various flaws [fedora-all]
bugzilla·2017-12-08·CVSS 5.9
CVE-2017-3737 [MEDIUM] CVE-2017-3737 CVE-2017-3738 mingw-openssl: various flaws [fedora-all]
CVE-2017-3737 CVE-2017-3738 mingw-openssl: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedo
Bugzilla
CVE-2017-3738 openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 [fedora-all]
bugzilla·2017-12-08·CVSS 5.9
CVE-2017-3738 [MEDIUM] CVE-2017-3738 openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 [fedora-all]
CVE-2017-3738 openssl: rsaz_1024_mul_avx2 overflow bug on x86_64 [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions
Bugzilla
CVE-2017-3737 CVE-2017-3738 mingw-openssl: various flaws [epel-7]
bugzilla·2017-12-08·CVSS 5.9
CVE-2017-3737 [MEDIUM] CVE-2017-3737 CVE-2017-3738 mingw-openssl: various flaws [epel-7]
CVE-2017-3737 CVE-2017-3738 mingw-openssl: various flaws [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-7.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Discussion:
Use the following template to for the 'fedpkg update' r
Tenable
[R2] SecurityCenter 5.6.1 Fixes Multiple Third-party Vulnerabilities
blogs_tenable·2018-01-15
[R2] SecurityCenter 5.6.1 Fixes Multiple Third-party Vulnerabilities
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Fortinet
An Analysis of the OpenSSL SSL Handshake Error State Security Bypass (CVE-2017-3737)
blogs_fortinet·2018-01-12·CVSS 5.9
CVE-2017-3737 [MEDIUM] An Analysis of the OpenSSL SSL Handshake Error State Security Bypass (CVE-2017-3737)
FORTIGUARD LABS THREAT RESEARCH
An Analysis of the OpenSSL SSL Handshake Error State Security Bypass (CVE-2017-3737)
By Dehui Yin | January 12, 2018
OpenSSL is a widely used library for SSL and TLS protocol implementation that secures data using encryption and decryption based on cryptographic functions. However, a Security Bypass vulnerability – recently addressed in a patch by the OpenSSL Project –can be exploited to make vulnerable SSL clients or remote SSL servers send clean application data without encryption.
This Security Bypass vulnerability (CVE-2017-3737) is caused by an error when the SSL_read or SSL_write function handles an "error state" during an SSL handshake. In this paper the FortiGuard Labs team examines the root cause of this vulnerability.
The "error state" mechanis
arXiv
One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware
arxiv_fulltext·2022-12-29
One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware
One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware
## Abstract
Currently, the development of IoT firmware heavily depends on third-party components (TPCs) to improve development efficiency. Nevertheless, TPCs are not secure, and the vulnerabilities in TPCs will influence the security of IoT firmware. Existing works pay less attention to the vulnerabilities caused by TPCs, and we still lack a comprehensive understanding of the security impact of TPC vulnerability against firmware. To fill in the knowledge gap, we design and implement , which leverages syntactical features and control-flow graph features to detect the TPCs in firmware, and then recognizes the corresponding vulnerabilities. Based on , we present the first l
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.htmlhttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlhttp://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.htmlhttp://www.securityfocus.com/bid/102103http://www.securitytracker.com/id/1039978https://access.redhat.com/errata/RHSA-2018:0998https://access.redhat.com/errata/RHSA-2018:2185https://access.redhat.com/errata/RHSA-2018:2186https://access.redhat.com/errata/RHSA-2018:2187https://cert-portal.siemens.com/productcert/pdf/ssa-179516.pdfhttps://github.com/openssl/openssl/commit/898fb884b706aaeb283de4812340bb0bde8476dchttps://security.FreeBSD.org/advisories/FreeBSD-SA-17:12.openssl.aschttps://security.gentoo.org/glsa/201712-03https://security.netapp.com/advisory/ntap-20171208-0001/https://security.netapp.com/advisory/ntap-20180117-0002/https://security.netapp.com/advisory/ntap-20180419-0002/https://www.debian.org/security/2017/dsa-4065https://www.digitalmunition.me/2017/12/cve-2017-3737-openssl-security-bypass-vulnerability/https://www.openssl.org/news/secadv/20171207.txthttps://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.htmlhttps://www.tenable.com/security/tns-2017-16http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.htmlhttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlhttp://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.htmlhttp://www.securityfocus.com/bid/102103http://www.securitytracker.com/id/1039978https://access.redhat.com/errata/RHSA-2018:0998https://access.redhat.com/errata/RHSA-2018:2185https://access.redhat.com/errata/RHSA-2018:2186https://access.redhat.com/errata/RHSA-2018:2187https://cert-portal.siemens.com/productcert/pdf/ssa-179516.pdfhttps://github.com/openssl/openssl/commit/898fb884b706aaeb283de4812340bb0bde8476dchttps://security.FreeBSD.org/advisories/FreeBSD-SA-17:12.openssl.aschttps://security.gentoo.org/glsa/201712-03https://security.netapp.com/advisory/ntap-20171208-0001/https://security.netapp.com/advisory/ntap-20180117-0002/https://security.netapp.com/advisory/ntap-20180419-0002/https://www.debian.org/security/2017/dsa-4065https://www.digitalmunition.me/2017/12/cve-2017-3737-openssl-security-bypass-vulnerability/https://www.openssl.org/news/secadv/20171207.txthttps://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.htmlhttps://www.tenable.com/security/tns-2017-16
2017-12-07
Published