CVE-2019-9898 – PuTTY versions before 0.71 have a cryptographic... (How to Fix)

Q: What is the severity of CVE-2019-9898?

CVE-2019-9898 has a CVSS score of 9.8 (CRITICAL). PuTTY versions before 0.71 have a cryptographic vulnerability where random numbers used for SSH session keys could be recycled, potentially allowing attackers to decrypt SSH sessions or perform man-in-the-middle attacks. This affects all users of vulnerable PuTTY versions for SSH connections.

📋 TL;DR

PuTTY versions before 0.71 have a cryptographic vulnerability where random numbers used for SSH session keys could be recycled, potentially allowing attackers to decrypt SSH sessions or perform man-in-the-middle attacks. This affects all users of vulnerable PuTTY versions for SSH connections.

💻 Affected Systems

Products:

PuTTY

Versions: All versions before 0.71

Operating Systems: Windows, Linux (if compiled from vulnerable source), Any OS running vulnerable PuTTY

Default Config Vulnerable: ⚠️ Yes

Notes: Affects all PuTTY installations regardless of configuration. The vulnerability is in the cryptographic random number generation.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full compromise of SSH sessions allowing decryption of all traffic, credential theft, and man-in-the-middle attacks against SSH connections.

🟠

Likely Case

Session hijacking and decryption of sensitive data transmitted over SSH, particularly in targeted attacks.

🟢

If Mitigated

Limited impact if using additional encryption layers or network segmentation, but SSH security is fundamentally compromised.

🌐 Internet-Facing: HIGH - SSH servers accepting connections from vulnerable PuTTY clients are exposed to session compromise.

🏢 Internal Only: HIGH - Internal SSH connections using vulnerable PuTTY clients are equally vulnerable to insider threats or compromised internal systems.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires the attacker to be in a position to intercept or manipulate SSH traffic. Proof of concept exists in security advisories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.71 and later

Vendor Advisory: https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

Restart Required: No

Instructions:

1. Download PuTTY 0.71 or later from official website. 2. Uninstall old version. 3. Install new version. 4. Verify version with 'putty -V' command.

🔧 Temporary Workarounds

Use alternative SSH clients

all

Temporarily switch to other SSH clients like OpenSSH, SecureCRT, or Bitvise SSH Client until PuTTY is patched.

Network segmentation

all

Restrict SSH traffic to trusted networks only and implement network monitoring for unusual SSH patterns.

🧯 If You Can't Patch

Implement strict network access controls to limit SSH connections to essential systems only
Deploy network monitoring and IDS/IPS systems to detect potential SSH session manipulation attempts

🔍 How to Verify

Check if Vulnerable:

Run 'putty -V' command and check if version is earlier than 0.71. On Windows, check Help → About in PuTTY GUI.

Check Version:

putty -V

Verify Fix Applied:

After updating, run 'putty -V' and confirm version is 0.71 or higher. Verify checksum of downloaded installer matches official release.

📡 Detection & Monitoring

Log Indicators:

Unusual SSH connection patterns
Multiple failed SSH connections from same source
SSH session resets or anomalies

Network Indicators:

Unusual SSH traffic patterns
SSH protocol anomalies
Man-in-the-middle attack signatures

SIEM Query:

source="ssh_logs" AND (event="session_key_error" OR event="crypto_failure" OR pattern="unusual_ssh_handshake")

📊 Metadata

CVE ID: CVE-2019-9898

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-330

Published: March 21, 2019

Last Updated: November 21, 2024

🔗 References

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html Mailing List,Third Party Advisory
http://www.securityfocus.com/bid/107523 Third Party Advisory,VDB Entry
https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html Mailing List,Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/
https://seclists.org/bugtraq/2019/Apr/6 Mailing List,Third Party Advisory
https://security.netapp.com/advisory/ntap-20190329-0002/ Broken Link
https://security.netapp.com/advisory/ntap-20190401-0002/ Patch,Third Party Advisory
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html Third Party Advisory
https://www.debian.org/security/2019/dsa-4423 Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html Mailing List,Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html Mailing List,Third Party Advisory
http://www.securityfocus.com/bid/107523 Third Party Advisory,VDB Entry
https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html Mailing List,Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/
https://seclists.org/bugtraq/2019/Apr/6 Mailing List,Third Party Advisory
https://security.netapp.com/advisory/ntap-20190329-0002/ Broken Link
https://security.netapp.com/advisory/ntap-20190401-0002/ Patch,Third Party Advisory
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html Third Party Advisory
https://www.debian.org/security/2019/dsa-4423 Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2019-9898, you might also want to check these: