Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack
![Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack](https://www.ngtedu.co.in/heenachy/2024/04/Widely-Used-PuTTY-SSH-Client-Found-Vulnerable-to-Key-Recovery-Attack.png)
The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.68 through 0.80 that could be exploited to achieve full recovery of NIST P-521 (ecdsa-sha2-nistp521) private keys.
The flaw has been assigned the CVE identifier CVE-2024-31497, with the discovery credited to researchers Fabian Bäumer and Marcus
The post “Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack” appeared first on The Hacker News
Source:The Hacker News – [email protected] (The Hacker News)