Cyberoam fixes SSL snooping hole in network security appliances

Network security hardware manufacturer Cyberoam issued an over-the-air (OTA) update for its unified threat management (UTM) appliances in order to force the devices to use unique certificate authority (CA) SSL certificates when intercepting SSL traffic on corporate networks.

The company was forced to issue the update after an anonymous user published on the Internet the SSL private key that all Cyberoam appliances use by default.

“As the private key has been leaked there are possibilities that it can be misused and hence we have taken an immediate action to release an OTA hotfix that changes the default CA and protects the customers,” Abhilash Sonwane, senior vice president of product management at Cyberoam, said Monday via email.

After the hotfix is applied, each individual appliance will have its unique CA certificate. Customers should see a notification about the CA certificate being changed on the administration dashboard of their devices, Sonwane said.

If for some reason the update failed and the alert is missing from the dashboard, customers can generate their own unique CA certificates using the command line interface, an option that has always been available to them.

Tor Project researcher Runa A. Sandvik and Google software security engineer Ben Laurie revealed on July 3 that all Cyberoam appliances with SSL traffic inspection capabilities had been using the same self-generated CA certificate by default. This made it possible “to intercept traffic from any victim of a Cyberoam device with any other Cyberoam device – or, indeed, to extract the key from the device and import it into other DPI [deep packet inspection] devices, and use those for interception,” the researchers wrote in a security advisory.

Cyberoam admitted in a customer support article published on Thursday that all of its appliances used the same default CA certificate. However, the company denied at the time that the private key corresponding to this certificate can be exported from the devices.

Businesses are interested in inspecting the SSL traffic on their networks for a variety of reasons, including the detection of potential data leaks and malware activity.

Network security appliances like those produced by Cyberoam achieve this by launching man-in-the-middle attacks every time network computers send requests to SSL-enabled domain names.

They intercept the requests and establish encrypted channels with the destination servers. They then generate rogue SSL certificates for the remote domains, sign them with their own self-generated CA certificates, and serve those back to the network computers.

This establishes SSL bridges that allow them to inspect what should otherwise be private communications between network endpoints and remote servers. In order to avoid any certificate errors being displayed on the endpoint computers, network administrators have to first install the self-generated CA certificates in their trusted certificate stores.

Sonwane feels that Cyberoam has been singled out in this case. The whole industry uses the same methodology of shipping a default CA certificate with appliances that are capable of performing SSL traffic inspection, he said.

“As a company, we are taking this on a positive note, as these immediate changes (of forcefully generating a unique CA) are putting our appliances at a greater security level than the rest of the industry that does HTTPS deep scan,” he said.