ARM’s embedded TLS library fixes man-in-the-middle fiddle
IoT security helper is vulnerable to attacks by malicious peers
ARM's "mbed TLS" software can be tricked into an authentication bypass and needs a patch.
Created by PolarSSL, which was acquired in February by ARM, mbed is a crypto library designed to make it easy for embedded system developers to add SSL/TLS capabilities to their products.
As well as client-server models (that is, an embedded IoT device talking to a server), mbed also lets peer devices set up TLS sessions between each other.
As explained in this advisory, there's a slip in the software's peer authentication, leading to an authentication bypass.
“If a malicious peer supplies an X.509 certificate chain that has more than
MBEDTLS_X509_MAX_INTERMEDIATE_CA intermediates (which by default is 8), it could bypass authentication of the certificates, when the authentication mode was set to 'optional' eg.
MBEDTLS_SSL_VERIFY_OPTIONAL. The issue could be triggered remotely by both the client and server sides.”
If exploited, an attacker could impersonate a device and act as a man-in-the-middle.
The bug is fixed in mbed TLS 1.3.21, mbed TLS 2.1.9 or mbed TLS 2.6.0; if developers or users can't upgrade, setting authentication to “required” instead of “optional” (setting the
MBEDTLS_SSL_VERIFY_REQUIRED flag) will block the issue.
mbed TLS also ships as part of some Linux distributions, including Debian and Ubuntu. ®