Rotten Onion (image by eurleif)

Justin Clarke and ICS-CERT unveiled another vulnerability in RuggedCom devices yesterday.  This time, Justin took a different track with the device firmware and showed that all products use the same SSL private key, hard-coded in the firmware.

This is fairly typical in cheap consumer-grade embedded products, and has the unfortunate effect that easy Man-In-The-Middle attacks can be performed against products.  For example, any compromised host on the switch management network can be used to spoof affected RuggedCom switches, meaning that the bad guy or gal could capture legitimate usernames and passwords for the switch.

It’s a simple and effective attack.  Similar issues with Microsoft’s older version of Remote Desktop Protocol clients and Terminal Servers suffered the same issue.  It’s unfortunately  difficult to get people to pay attention to this type of security issue (RDP MITM weaknesses, including a hard-coded key, took years for Microsoft to address).

To be clear this is a problem with a fairly complicated solution history, especially in embedded-land.  Embedded products are closed systems and are typically designed to prevent the user from accessing a filesystem (if the product even has a filesystem in the normal sense).  Vendors rarely stop and think about the issues surrounding certificate management including on-board certificate generation, storage, and providing a method for customers to security get the key off the device.  What we’re left with as customers is the, “It’s Got Crypto!” sticker on the front box, as though this provides some guarantee of security.  Without proper key management tools, however, it’s a fairly meaningless slogan.  With a few exceptions, the ICS vendors that are dabbling with encrypted communication are doing just that — dabbling.  So far there are more instances of getting it wrong than getting it right.

Already I hear people lining up and saying that this certificate issue is not a big deal.  “These are trusted networks,” after all.  If these are trusted networks, then why do we even care about crypto?  The obvious answer is that we care because of a little thing called ‘defense in depth.’  Unfortunately the layers of RuggedCom’s security are all rotten — first a backdoor account and plaintext login, and now bad crypto that was supposed to add an extra layer of security.  I could only see it getting worse if someone finds a generic authentication bypass vulnerability.

Image by eurleif