Recently, security researcher Khaled Nassar made public on GitHub the PoC code for a newly disclosed digital signature bypass vulnerability in Java, tracked as CVE-2022-21449.

The vulnerability was discovered by Neil Madden, a researcher at security consulting firm ForgeRock, in November of last year and reported to Oracle the same day.

Although Oracle gave the vulnerability a CVSS score of 7.5, ForgeRock said it had privately disclosed the vulnerability when it was first discovered and had rated it a 10 on the CVSS scale.

Madden explained it this way:

"It's hard to overstate the severity of this vulnerability. If ECDSA signatures are used for any of these security mechanisms (SSL, JWT, WebAuthn) and your server is running Java versions 15, 16, 17 or 18 before the April 2022 Critical Patch Update (CPU), an attacker could easily bypass them entirely. Nearly all real-world WebAuthn/FIDO devices (including Yubikey) use ECDSA signatures, and many OIDC providers use ECDSA-signed JWTs."

In addition, information security expert Thomas Ptacek has described the vulnerability as the cryptographic vulnerability of the year.

The vulnerability, known as Psychic Signatures, lies in Java's implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) and is present in Java versions 15, 16, 17, and 18. ECDSA is a cryptographic mechanism used to digitally sign messages and data so that recipients can verify the authenticity of the content; an attacker could exploit this vulnerability to forge TLS signatures and bypass authentication measures.

Nassar states that setting up a malicious TLS server can trick a client into accepting an invalid signature from the server, effectively allowing the rest of the TLS handshake to proceed.
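The core of an ECDSA verifier's defence against this class of flaw is the range check mandated by FIPS 186-4: both signature components r and s must lie in [1, n-1] before any curve arithmetic is attempted, so that a degenerate signature (for example all zeros) is rejected outright. The following is an added example, not code from the article, from Oracle, or from the PoC: a minimal P-256 ECDSA signer and verifier in Python that performs that check first, plus a parser for the raw r||s encoding that JWT ES256 and WebAuthn use, so the same pre-check can be applied at the application layer while a JVM is awaiting the April 2022 CPU. The key, nonce and message are constructed demo values; the `sign` function takes a caller-supplied nonce and is for illustration only.

```python
# Added example (not from the article, Oracle, ForgeRock, or the PoC):
# a minimal P-256 ECDSA verifier that performs the FIPS 186-4 range check on
# (r, s) before any curve arithmetic, plus a helper that applies the same
# check to raw r||s signatures as used by JWT ES256 and WebAuthn.
import hashlib

# NIST P-256 domain parameters
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)


def point_add(p1, p2):
    """Affine point addition; None represents the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None  # p1 == -p2
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P  # doubling
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def scalar_mult(k, point):
    """Double-and-add scalar multiplication (not constant time; demo only)."""
    result = None
    while k:
        if k & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        k >>= 1
    return result


def hash_to_int(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def signature_in_range(r: int, s: int) -> bool:
    """FIPS 186-4 check: both r and s must lie in [1, n-1]. A verifier that
    skips this step and feeds zero into the curve math is the bug class
    behind CVE-2022-21449."""
    return 1 <= r < N and 1 <= s < N


def sign(priv: int, message: bytes, k: int):
    """Textbook ECDSA signing with a caller-supplied nonce k (demo only)."""
    r = scalar_mult(k, G)[0] % N
    s = pow(k, -1, N) * (hash_to_int(message) + r * priv) % N
    assert r and s, "degenerate signature; pick another nonce"
    return r, s


def verify(pub, message: bytes, r: int, s: int) -> bool:
    """Standard ECDSA verification; the range check runs before any inversion."""
    if not signature_in_range(r, s):
        return False
    w = pow(s, -1, N)
    u1 = hash_to_int(message) * w % N
    u2 = r * w % N
    x = point_add(scalar_mult(u1, G), scalar_mult(u2, pub))
    if x is None:
        return False
    return x[0] % N == r


def parse_raw_signature(sig: bytes):
    """Split a JWT ES256 / WebAuthn-style r||s blob (64 bytes for P-256)."""
    if len(sig) != 64:
        raise ValueError("expected a 64-byte r||s signature")
    return int.from_bytes(sig[:32], "big"), int.from_bytes(sig[32:], "big")


# Constructed demo key and nonce (not real secrets; assumptions of this example).
DEMO_PRIV = 0x1d2c3b4a5f6e7d8c9b0a1f2e3d4c5b6a7f8e9d0c1b2a3f4e5d6c7b8a9f0e1d2c
DEMO_PUB = scalar_mult(DEMO_PRIV, G)
DEMO_K = 0x0fedcba987654321fedcba987654321fedcba987654321fedcba987654321f


def demo():
    """Returns (genuine signature accepted?, all-zero raw signature accepted?)."""
    msg = b"constructed test message"
    r, s = sign(DEMO_PRIV, msg, DEMO_K)
    genuine = verify(DEMO_PUB, msg, r, s)
    zero_r, zero_s = parse_raw_signature(bytes(64))  # the regression input
    forged = verify(DEMO_PUB, b"any message at all", zero_r, zero_s)
    return genuine, forged


if __name__ == "__main__":
    print(demo())  # expected: (True, False)
```

Running `demo()` shows a genuine signature verifying and the all-zero 64-byte blob being rejected by `signature_in_range` before `pow(s, -1, N)` is ever reached. That pre-check is cheap to bolt on in front of any library verifier, and the same 64-byte zero blob is a useful regression test to keep in a test suite for any service that accepts ES256 JWTs or WebAuthn assertions.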

The vulnerability affects the following versions of Java SE and Oracle GraalVM Enterprise Edition:

  • Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18

  • Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1, 22.0.0.2

Oracle has now fixed the vulnerability in its April 2022 Critical Patch Update and urges developers and enterprises using Java 15, 16, 17, and 18 to update as soon as possible.