Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack

1 min read

2 weeks ago

The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.68 through 0.80 that could be exploited to achieve full recovery of NIST P-521 (ecdsa-sha2-nistp521) private keys.
The flaw has been assigned the CVE identifier CVE-2024-31497, with the discovery credited to researchers Fabian Bäumer and Marcus

Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack

More Stories

Millions of Malicious ‘Imageless’ Containers Planted on Docker Hub Over 5 Years

U.S. Government Releases New AI Security Guidelines for Critical Infrastructure

New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024

Millions of Malicious ‘Imageless’ Containers Planted on Docker Hub Over 5 Years

U.S. Government Releases New AI Security Guidelines for Critical Infrastructure

New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024

Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023

More Stories

You may have missed