New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security
New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security
01 January 2024
Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel.
Called Terrapin (CVE-2023-48795, CVSS score: 5.9), the exploit has been described as the "first ever practically exploitable prefix