Cisco has issued a patch for Cisco IOS and IOS XE software to protect users against an attack able to break encryption protocols.
On Monday, the tech giant said in a security advisory that a vulnerability exists in IOS software, originally known as the Internetwork Operating System, and IOS XE builds which are configured with the authentication rsa-encr option.
However, Cisco IOS XR is not affected.
The vulnerability allows remote attackers without authentication to obtain the encrypted nonces of an Internet Key Exchange Version 1 (IKEv1) session.
RSA-encrypted nonces are susceptible to attack due to a vulnerability caused by software which responds poorly to decryption failures. Errors in handling can be exploited by attackers who are able to send crafted ciphertexts to devices configured with IKEv1 which use RSA-encrypted nonces.
If successful, attackers are able to obtain the encrypted nonces.
Reporting the Flaw
The security flaw was reported by Dennis Felsch, Martin Grothe, and Jörg Schwenk from Ruhr-Universität Bochum, and both Adam Czubak and Marcin Szymanek from the University of Opole.
Cisco has released a patch to address the security issue before the Usenix Security conference in Baltimore later this week, where the researchers will present their findings.
The Internet Key Exchange protocol (IKE) is used to build Virtual Private Networks (VPNs) and to establish cryptographic keys. The protocol is available in two versions which use different modes, phases, authentication methods, and configuration options.
According to the researchers, by exploiting the Bleichenbacher oracle in an IKEv1 mode, a key pair can be reused against different variations of IKE, leading to cryptographic bypass.
“Using this exploit, we break these RSA encryption based modes, and in addition break RSA signature-based authentication in both IKEv1 and IKEv2,” the researchers said.
The team also plans to outline an offline dictionary attack against Pre-Shared Key (PSK) IKE modes at the summit.
The vulnerability is tracked as CVE-2018-0131 in Oracle products, CVE-2017-17305 in Huawei software, CVE-2018-8753 in affected Clavister solutions, and as CVE-2018-9129 by ZyXEL.
All vendors impacted by the vulnerability have now developed fixes for the severe security issue.
There are no workarounds to protect enterprise software from this vulnerability, and so Cisco is urging customers to update their systems as soon as possible.
Cisco is not aware of any reports which suggest this vulnerability is being exploited in the wild.