Security experts and vendors say there exists no significant risk in using generic SSL certificates in popular Unified Threat Management devices.
The comments follow warnings from the Tor Project's Runa Sandvik and OpenSSL's Ben Laurie that the use of generic certificates within Cyberoam UTMs could lead to unauthorised interception of deep packet inspection (DPI) traffic.
Staff who had installed the certificates as part of corporate DPI could be vulnerable to interception by any Cyberoam UTM device with the same certificates installed, or any DPI box using the same private keys, the vulnerability disclosure stated.
Anonymous users on the Tor Project blog had posted what appeared to be the private key, extracted from the certificates. Cyberoam told SC it did "not know how they got the key" and did not "think that the key can be extracted from the old generic certificates".
Cyberoam responded to the vulnerability disclosure by issuing unique certificates to its UTM customers, but noted the use of generic certificates was standard practice.
However, rival UTM vendors Dell Sonicwall and Fortinet dismissed allegations the same risks were associated with using generic certificates on their equipment.
"It is a standard industry practice for devices to ship with some defaults that are shared across appliances ... however, we don't believe this constitutes a vulnerability or a security concern," a spokesman for Dell Sonicwall said.
The vendor said it would review the need to create individual self-signed certificates for each firewall.
Fortinet said two devices with identical signing certificates did not mean that traffic could be intercepted and decrypted.
"SSL certificate management is a critically important and complex subject," a Fortinet spokesman said.
"If what the original article claims was true, then any of the trusted CAs could decrypt traffic which was encrypted with certificates they signed. That breaks the very concept of encryption over public networks."
The self-signed certificates on Fortinet and Dell Sonicwall devices provide basic HTTPS encryption between the firewall and the browser in lieu of more complex security measures. Administrators were advised in documentation to replace the certificate, though some were forced to do so after DPI was activated in either vendor's UTM devices.
Dell Sonicwall devices require a non-box-signed certificate to be loaded for inbound SSL decryption and a non-appliance-signed certificate to be loaded as part of best practice for outbound SSL decryption, which the vendor's spokesman said "makes this issue a moot point".
Fortinet agreed, and poured cold water on the risks associated with extracting keys from generic certificates.
"Extracting/decrypting the private key from an intermediary device certificate, while interesting, does not constitute the significant security threat or exposure of encrypted user traffic that has been implied," the company's spokesman said.
"Obtaining the key from a certificate is a minor exercise for anyone with access to the device, readily available utilities, and enough time/processing power."
Security consultant and PKI expert Stephen Wilson said the vendor's comment was fair.
"The threat seems mild," he said.
"If an attacker gets your firewall's private key, they can basically see the DPI results sent from the device to an admin's browser. The DPI results are pretty soft intelligence; careless administrators leak much more sensitive information all the time; more than once I've seen admins email out their firewall rule sets in plain text."
He said customers should be forced, not asked, to change default settings before the security devices could operate.
The former head of the Australian Information Security Association (AISA) and consultant Keith Price noted that shipped default configurations was standard fare.
"I think it applies across the IT spectrum — routers, switches, security devices etc." Price said.
"It's been the most basic knowledge for years and most certainly of late in the hostile cyberworld we live in that necessitates changing of default vendor passwords, certificates, IP addresses, [and] rename administrator IDs when setting up a device for a production network.
"In all honesty, how some person involved in any way in IT wouldn't know the need and immediacy of changing out default vendor passwords or certs or whatever, given everything we read today, is the real concern."
Both vendors said customers have not been compromised and urged concerned clients to contact their support departments.
Copyright © SC Magazine, Australia
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.