Enterprises using security firm Cyberoam’s deep packet inspection (DPI) devices could have traffic intercepted by anyone using its shared certificate.
Anonymity network Tor Project security researcher Runa Sandvik and OpenSSL’s Ben Laurie discovered the devices used the same certificate authority (CA) authentication and private key.
That gaffe made it possible for any DPI box to grab traffic from employees monitored by Cyberoam devices, they said.
“It is therefore possible to intercept traffic from any victim (employee) of a Cyberoam device with any other Cyberoam device — or, indeed, to extract the key from the device and import it into other DPI devices, and use those for interception,” Sandvik wrote in an advisory. “Victims should uninstall the Cyberoam CA certificate from their browsers and decline to complete any connection which gives a certificate warning.”
But Cyberoam fired back on Thursday, stating its keys could not be extracted.
“…[T]heoretically it is possible to decrypt SSL data using a conned private key,” it said in a blog post. “Cyberoam UTM does not allow import or export of the foresaid private key used for the SSL-bridging technology. Cyberoam UTM either accepts or rejects, but does not store HTTPS Deep Scan Inspection data, as processing is done in real-time. The possibility of data interception between any two Cyberoam appliances is hence nullified.”
Sandvik and Laurie began researching the hole after a Tor user in Jordan reported seeing a fake Cyberoam certificate for the TorProject.org. They discovered the user’s traffic was intercepted by a Cyberoam device.
Trusted certificates had to be installed on employee machines, referred to as victims, in order for DPI to work. But that Cyberoam victims all installed the same trusted CA which would issue fake certificates was “a little surprising,” Sandvik said.
Devantis SA, a Swiss system development company, posted instructions on how to delete the root CA in a blog post.