11:45am, 14 Dec 2017

TLP Rating: White

Certain TLS-RSA implementations susceptible to ROBOT attack

A vulnerability affecting certain implementations of TLS has been released. This vulnerability is susceptible to Return Of Bleichenbacher's Oracle Threat (ROBOT) attacks, which can enable attackers to passively intercept, and decrypt network traffic.

This attack type affects some implementations of products utilising RSA Laboratories' Public-Key Cryptography Standard #1 (PKCS#1).

Currently we’re aware of eight vendors that have products vulnerable to this attack, though this list may grow.