Long-Standing Security Vulnerability in SSH Client PuTTY Discovered

Private ECDSA keys could be compromised.

Copyright: CASA, Michael Schwettmann

Researchers from the Horst Goertz Institute for IT Security and the Cluster of Excellence CASA (Ruhr University Bochum) recently exposed a significant security vulnerability in the widely used SSH client software, PuTTY. The vulnerability, registered as CVE-2024-31497, affects all versions of PuTTY from 0.68 to 0.80, released since February 21, 2017.

Fabian Bäumer and Marcus Brinkmann from the Chair for Network and Data Security revealed on Openwall that the vulnerability could compromise private ECDSA keys based on the NIST P521 curve. An attacker can reconstruct a private key using around 60 valid ECDSA signatures generated by any PuTTY component with the same key. These signatures could be intercepted, for example, from a compromised server or signed Git commits.

The software is widely used within the IT industry, especially by developers to access servers. The discovery of the vulnerability highlights that vulnerabilities can remain undetected in widely used software for years, posing significant security risks.

In addition to PuTTY, the researchers also identified other affected tools, including FileZilla (versions 3.24.1 to 3.66.5), WinSCP (versions 5.9.5 to 6.3.2), TortoiseGit (versions to 2.15.0), and TortoiseSVN (versions 1.10.0 to 1.14.6).

Some affected software providers have already released patches, including PuTTY 0.81, FileZilla (version 3.67.0), and TortoiseGit (version WinSCP is expected to be patched soon with version 6.3.3. TortoiseSVN users are advised to manually use the latest PuTTY version until a patch is available.

For the original researchers' announcement:

General note: In case of using gender-assigning attributes we include all those who consider themselves in this gender regardless of their own biological sex.