CVE-2020-36478
📋 TL;DR
This vulnerability in Mbed TLS allows attackers to bypass certificate validation through a parsing flaw in which NULL algorithm parameters are incorrectly accepted as valid. It affects systems that use Mbed TLS for TLS/SSL certificate verification on versions before the patched releases; an attacker could present a malicious certificate that should have been rejected.
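As an added illustration (not Mbed TLS code and not part of this advisory), the script below builds minimal, constructed DER structures and compares the parameters of a certificate's two AlgorithmIdentifier fields (tbsCertificate.signature and signatureAlgorithm). It shows why a comparison that checks only the parameter length and content treats a NULL parameter (05 00) and an empty constructed value (30 00) as identical, while a tag-aware comparison distinguishes them; the OID and field layout are real, everything else is a constructed sample.

```python
# Constructed, minimal DER encoder/decoder; not a real certificate parser.

def tlv(tag: int, body: bytes) -> bytes:
    """Encode one DER TLV (short- or long-form length)."""
    n = len(body)
    if n < 0x80:
        length = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + body

def read_tlv(buf: bytes, pos: int):
    """Decode one TLV at pos; return (tag, body, position after it)."""
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + n], pos + n

# sha256WithRSAEncryption, OID 1.2.840.113549.1.1.11
SHA256_RSA_OID = tlv(0x06, bytes.fromhex("2a864886f70d01010b"))
NULL_PARAMS = tlv(0x05, b"")   # 05 00
EMPTY_SEQ = tlv(0x30, b"")     # 30 00: zero-length constructed value

def alg_id(params: bytes) -> bytes:
    return tlv(0x30, SHA256_RSA_OID + params)

def build_cert(tbs_params: bytes, outer_params: bytes) -> bytes:
    """Minimal Certificate: tbs{serialNumber, signature} + signatureAlgorithm + signatureValue."""
    tbs = tlv(0x30, tlv(0x02, b"\x01") + alg_id(tbs_params))
    return tlv(0x30, tbs + alg_id(outer_params) + tlv(0x03, b"\x00" + b"\xAA" * 4))

def params_of(alg: bytes):
    """Return (tag, content) of the parameters field, or (None, b'') if absent."""
    _, _, q = read_tlv(alg, 0)                 # skip the algorithm OID
    if q >= len(alg):
        return None, b""
    tag, body, _ = read_tlv(alg, q)
    return tag, body

def extract_params(cert: bytes):
    _, body, _ = read_tlv(cert, 0)             # Certificate SEQUENCE
    _, tbs, pos = read_tlv(body, 0)            # tbsCertificate
    _, outer_alg, _ = read_tlv(body, pos)      # signatureAlgorithm
    _, _, p = read_tlv(tbs, 0)                 # skip serialNumber
    _, tbs_alg, _ = read_tlv(tbs, p)           # tbs.signature
    return params_of(tbs_alg), params_of(outer_alg)

def sig_alg_consistent(cert: bytes, check_tag: bool = True) -> bool:
    """check_tag=False reproduces a length-and-content-only comparison, the
    kind that cannot tell NULL from an empty constructed value."""
    (ta, ba), (tb, bb) = extract_params(cert)
    if check_tag and ta != tb:
        return False
    return ba == bb
```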
💻 Affected Systems
- Mbed TLS
- Products embedding Mbed TLS library
⚠️ Risk & Real-World Impact
Worst Case
Man-in-the-middle attacks where attackers intercept and decrypt TLS/SSL communications by presenting spoofed certificates that bypass validation.
Likely Case
Certificate validation bypass allowing unauthorized access to services or data interception in vulnerable configurations.
If Mitigated
Limited impact with proper network segmentation and additional certificate validation layers.
🎯 Exploit Status
Exploitation requires crafting malicious certificates but doesn't require authentication to the target system.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Mbed TLS 2.25.0, 2.16.9 LTS, or 2.7.18 LTS
Vendor Advisory: https://github.com/ARMmbed/mbedtls/releases
Restart Required: Yes
Instructions:
1. Identify the Mbed TLS version in use.
2. Upgrade to a patched version (2.25.0, 2.16.9 LTS, or 2.7.18 LTS).
3. Recompile applications if Mbed TLS is statically linked.
4. Restart services using Mbed TLS.
🔧 Temporary Workarounds
Certificate Pinning
Implement certificate pinning to validate specific certificates beyond standard validation.
Disable Vulnerable Features
Disable certificate chain validation if not required (not recommended for security).
🧯 If You Can't Patch
- Implement network segmentation to isolate vulnerable systems from critical assets.
- Deploy additional certificate validation using external tools or hardware security modules.
🔍 How to Verify
Check if Vulnerable:
Check Mbed TLS version with: mbedtls_version -v or examine library files. Versions before 2.25.0, 2.16.9, or 2.7.18 are vulnerable.
Check Version:
mbedtls_version -v or check library version in application output
Verify Fix Applied:
Verify that the installed version is at least 2.25.0, or at least 2.16.9 on the 2.16 LTS branch, or at least 2.7.18 on the 2.7 LTS branch.
📡 Detection & Monitoring
Log Indicators:
- Unexpected certificate validation successes
- Certificate parsing errors
- TLS handshake anomalies
Network Indicators:
- Unusual certificate chains in TLS connections
- Suspicious certificate authorities
SIEM Query:
Search for certificate validation events with NULL parameters or unexpected successful validations
🔗 References
- https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf
- https://github.com/ARMmbed/mbedtls/issues/3629
- https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9
- https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0
- https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18
- https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html
- https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html