CVE-2018-1000520 : What You Need to Know

Learn about CVE-2018-1000520 affecting ARM mbedTLS up to version 2.7.0, allowing incorrectly signed certificates to be accepted, potentially leading to security breaches. Find mitigation steps and updates here.

ARM mbedTLS up to version 2.7.0 has a security vulnerability that allows incorrectly signed certificates to be accepted, impacting the mbedtls_ssl_get_verify_result() function.

Understanding CVE-2018-1000520

This CVE involves a vulnerability in ARM mbedTLS that can lead to the acceptance of ECDSA-signed certificates instead of the expected RSA-signed ones.

What is CVE-2018-1000520?

The vulnerability in ARM mbedTLS up to version 2.7.0 allows incorrectly signed certificates to be accepted, potentially leading to a security breach.

The Impact of CVE-2018-1000520

The vulnerability affects the mbedtls_ssl_get_verify_result() function: when peers negotiate a TLS-ECDH-RSA-* ciphersuite, a peer can present an ECDSA-signed certificate and have it accepted in place of an RSA-signed one.

Technical Details of CVE-2018-1000520

ARM mbedTLS version 2.7.0 and earlier contain a vulnerability in mbedtls_ssl_get_verify_result() that allows incorrectly signed certificates to be accepted.

Vulnerability Description

The vulnerability enables the acceptance of ECDSA-signed certificates when only RSA-signed ones should be allowed, potentially leading to a security compromise.

Affected Systems and Versions

        Product: ARM mbedTLS
        Versions affected: Up to 2.7.0

Exploitation Mechanism

The vulnerability can be exploited when peers negotiate a TLS-ECDH-RSA-* ciphersuite, allowing any peer to present an ECDSA-signed certificate instead of the expected RSA-signed one.

Mitigation and Prevention

To address CVE-2018-1000520, follow these steps:

Immediate Steps to Take

        Update ARM mbedTLS to a version later than 2.7.0.
        Monitor for any unusual certificate acceptance behavior.

Long-Term Security Practices

        Implement strict certificate validation processes.
        Regularly review and update TLS configurations.
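
As an added example (not mbedTLS code and not part of the original advisory), the C function below shows the kind of strict check described above: after a handshake, compare the negotiated ciphersuite with the signature algorithm of the peer certificate and reject the mismatch this CVE describes. The names cert_sig_t and cert_sig_matches_suite are hypothetical, and the suite strings assume the mbedTLS naming style returned by mbedtls_ssl_get_ciphersuite().

```c
#include <stdio.h>
#include <string.h>

/* Signature algorithm family of the peer's leaf certificate. In an mbedTLS
 * application this would be derived from mbedtls_ssl_get_peer_cert(ssl)->sig_pk;
 * this enum is a hypothetical stand-in so the example builds without mbedTLS. */
typedef enum { SIG_RSA, SIG_ECDSA, SIG_OTHER } cert_sig_t;

/* Returns 1 if the certificate signature fits the negotiated suite, 0 if the
 * session should be rejected. `suite` is the ciphersuite name in mbedTLS
 * style (assumed format, e.g. "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256"). */
int cert_sig_matches_suite(const char *suite, cert_sig_t sig)
{
    static const char ecdh_rsa[]   = "TLS-ECDH-RSA-";
    static const char ecdh_ecdsa[] = "TLS-ECDH-ECDSA-";

    if (suite == NULL)
        return 0;                       /* no negotiated suite: fail closed */
    if (strncmp(suite, ecdh_rsa, sizeof(ecdh_rsa) - 1) == 0)
        return sig == SIG_RSA;          /* the case in CVE-2018-1000520 */
    if (strncmp(suite, ecdh_ecdsa, sizeof(ecdh_ecdsa) - 1) == 0)
        return sig == SIG_ECDSA;        /* mirror case for the ECDSA suites */
    /* Other suites (for example TLS-ECDHE-*) are outside what this check
     * covers, so they are passed through unchanged. */
    return 1;
}

int main(void)
{
    /* Constructed sample sessions, not captured traffic. */
    struct { const char *suite; cert_sig_t sig; } s[] = {
        { "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",  SIG_RSA   },
        { "TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256",  SIG_ECDSA },
        { "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256", SIG_ECDSA },
    };
    for (size_t i = 0; i < sizeof s / sizeof s[0]; i++)
        printf("%-40s sig=%d -> %s\n", s[i].suite, (int)s[i].sig,
               cert_sig_matches_suite(s[i].suite, s[i].sig) ? "ok" : "REJECT");
    return 0;
}
```

A check like this is defense in depth for deployments that cannot upgrade immediately; it does not replace updating the library.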

Patching and Updates

        Apply patches provided by ARM mbedTLS promptly to mitigate the vulnerability.
