I recently wrote a blog for The SSL Store about the hazards of improperly using of self-signed certificates. But little did I know that I would see such an egregious example so soon after publishing that blog.
Researchers at German cyber-security firm Secorvo revealed that German software developer Sennheiser had inadvertently installed two self-signed root Certificate Authority (CA) certificates into the trust stores of users' computers, but also included the private keys in a format that could be easily extracted.
With access to a self-signed root certificate and the corresponding key, attackers can carry out man-in-the-middle attacks to impersonate any website on the Internet. And we’re talking all major websites here. Ars Technica cautions, “The software developer's mistake means that malicious third-parties can extract the private keys from the two applications and use them to issue forged certificates to spoof legitimate websites and software publishers for years to come.” In fact, since the root certificates are not set to expire until 2027, that’s quite a while.
The Sennheiser software in question was used to set up and manage softphones that allow users to make phone calls on a computer instead of using a physical phone. To do this, the company needed its headphones and speaker phones to work seamlessly with computer. And the way they did that was by establishing an encrypted Websocket with a browser. That process involved installing a self-signed TLS certificate in the operating system’s trust store, the central place where browser-trusted root CA certificates are stored.
The vulnerability occurred in version 7.3 of the HeadSetup app, where the self-signed root certificate was installed in a way that allowed the private cryptographic key to accessible. According to Ars Technica, “Because the key was identical for all installations of the software, hackers could use the root certificate to generate forged TLS certificates that impersonated any HTTPS website on the Internet. Although the self-signed certificates were blatant forgeries, they will be accepted as authentic on computers that store the poorly secured certificate root. Even worse, a forgery defense known as certificate pinning would do nothing to detect the hack.”
The blunder of headphone software installing root CA certificates is serious, the real story is that the power of machine identities is not well understood except by hackers,” warns Kevin Bocek, vice president of security strategy and threat intelligence at Venafi. “A certificate installed by default as a root CA for headphone software can easily enable ANY machine, website, cloud to appear trusted. These techniques are used every day by malware and trojans to making malicious sites. And developers aren’t learning from previous mistakes made by the largest vendors like Dell and Lenovo.”
Kevin goes on to remind us all that machine identities are often overlooked, or simply back-burnered, in security processes. And the results are serious enough to call attention to this negligence. “Machine identities like TLS keys and certificates are powerful weapons in the hands of cyber criminals and must be protect and their use treated as weapons. Global 5000 security and development teams must take this problem seriously.”
How actively is your organization managing its trust stores?