Blog | G5 Cyber Security

19-Year-Old TLS Vulnerability Weakens Website Crypto

New research shows how an old vulnerability called ROBOT can be exploited using an adaptive chosen-ciphertext attack to reveal the plaintext for a given HTTPS session. A successful attack could allow an attacker to passively record traffic and later decrypt it or open the door for a man-in-the-middle attack. The vulnerability is tied to the TLS protocol and a flaw in the algorithm that handles RSA encryption keys. The U.S. Computer Emergency Readiness Team issued a security bulletin on the vulnerability Tuesday and lists eight vendors affected.

Source: https://threatpost.com/19-year-old-tls-vulnerability-weakens-modern-website-crypto/129158/

Exit mobile version