Java version 15 and later has a vulnerability in the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) that could be exploited by cybercriminals to digitally sign files by forging certain types of Secure Sockets Layer certificates. SSL (SSL), Signed JSON Web Token (JWT), and even two-factor authentication messages. The issue was first discovered last year and was reported to Oracle, which finally patched it last week. However, because organizations need time to update their systems with the latest releases, any device using affected versions of Java to consume digitally signed data is may be at risk.
Oracle patched the issue, also known as a mistake in the community, as a part of more than 500 bug fixes. The flaw is follow is CVE-2022-21449.
Neil Madden, a researcher at security consulting firm ForgeRock, found the vulnerability and reported it to the public. Oracle privately in November. Although the software company has given the issue a severity rating of 7.5 out of 10, experts including ForgeRock are considering it a vulnerability with Rate the severity of 10 – “due to many impacts on different functions” can bring big impact.
“If you’re running one of the vulnerable versions an attacker can easily forge some sort of SSL certificate and shake hands (allowing interception and modifying communications), signed JWTs , SAML assertions or OIDC id tokens, and even WebAuthn authentication messages, all using the digital equivalent of a white paper, “Madden” Written in a blog post.
Cybercriminals and hackers can use this vulnerability to digitally sign a malicious application or file which can have various impacts on the end consumer. It could allow attackers to eventually gain backdoor access to the system or even hack the network using files and data that look authentic and trusted.
Java uses ECDSA based on the principles of elliptic curve cryptography – one of the known and widely accepted approaches to enable key agreement and digital signatures. The researcher found that the bug was introduced by rewriting the elliptic curve cryptography from native C++ to Java, which occurred with the release of Java 15.
Electronic signatures based on elliptic curve cryptography typically require the user to prove to the recipient that he or she has access to the private key corresponding to the public key. This helps verify authentication and allows the user to gain access to the data. It also restricts users from presenting a digital signature during the handshake who do not have access to the relevant private key.
However, using this vulnerability, an attacker could use an empty signature that could be considered valid and verified by the system against any public key.
Madden calls these signatures similar to a “spiritual paper” – plot devices that appear in long-running sci-fi movies. Which doctor?. It’s basically a completely blank piece of paper but is designed to act as a security card, warrant, or a proof on the basis of what the protagonist wants others to see.
“An ECDSA signature consists of two values, called r and s,” the researcher said while explaining the vulnerability. “To verify the ECDSA signature, the verifier checks an equation involving r, s, the signer’s public key, and a hash of the message. If both sides of the equation are equal, then the signature is equal. valid, otherwise the signature is rejected.”
This process includes a condition that the R and S in the calculation cannot be zero. However, that is not the case with Java performing the verification.
“Java’s implementation of ECDSA signature verification doesn’t check if R or S is zero, so you can generate a signature value that is both zero (properly encoded) and Java will accept it as a valid signature for any message and for any public key,” Madden said.
Recalling the severity highlighted by Madden, security expert Thomas Ptacek speak that the problem was “crypto bug of the year”.
Data security company Sophos in a blog post also shown that the bug doesn’t just affect Java servers that are interacting with client software.
“Any device that uses digitally signed data inside your network could be at risk,” it said.
Affected versions of Java – Java 15 to 18 – are thankfully not as widely used as its predecessors. According to data in a survey conducted from February to March 2021, cybersecurity company Snyk speak Java 11 accounts for more than 61% of the total implementations, while Java 15 accounts for 12%.
However, organizations and IT administrators should quickly update their Java versions to avoid future attacks.
