
Tenable Blog


Advisory: Efail...PGP Has an Email Problem?

Email continues to be one of the most popular ways to communicate in the world today. And given the rapidly evolving threat landscape, email encryption has never been more critical. Pretty Good Privacy (PGP) has long been a trusted platform for encrypted messaging and remains a popular method of sending secure, private email.

On May 14, a research team led by Sebastian Schinzel, researcher and professor of computer security at Münster University of Applied Sciences, disclosed critical vulnerabilities in implementations of several email clients and the OpenPGP and S/MIME standards that could be exploited to disclose sensitive information by exfiltrating plaintext of encrypted messages. It’s also possible that old messages which were previously encrypted could be disclosed.

The research team is using the name Efail to describe these vulnerabilities and has released a technical report with details. Essentially, Efail attacks exploit weaknesses in various email clients, PGP and S/MIME to trick email clients into revealing the plaintext of encrypted emails to the attacker. For the direct exfiltration attack against email clients, the researchers state in the technical paper that “EFAIL abuses active content of HTML emails, for example externally loaded images or styles, to exfiltrate plaintext through requested URLs. The attacker changes an encrypted email in a particular way and sends this changed encrypted email to the victim. The victim's email client decrypts the email and loads any external content, thus exfiltrating the plaintext to the attacker.”

The second issue, named the CBC/CFB Gadget attack, abuses vulnerabilities in the specification of OpenPGP and S/MIME, thereby allowing the attacker to exfiltrate the plaintext from encrypted messages.

After reviewing the research, the Electronic Frontier Foundation (EFF) also stated it could “confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages.”

There’s an ongoing debate in the cybersecurity community over whether these issues lie in the specifications or in the email clients. Some cybersecurity professionals have expressed concerns that the issue also affects the core protocol of PGP, including file encryption. GNU Privacy Guard tweeted, “They figured out mail clients which don't properly check for decryption errors and also follow links in HTML mails. So the vulnerability is in the mail clients and not in the protocols. In fact OpenPGP is immune if used correctly while S/MIME has no deployed mitigation.”

Due to the risk and severity of the vulnerabilities, it’s likely the affected vendors will release patches to mitigate both of these issues before a comprehensive evaluation of the PGP and S/MIME specifications is conducted.

Solution

There are currently no reliable fixes for these issues. There’s a large list of vendors affected (see section titled “Responsible Disclosure”).

Tenable Research is closely following the developing situation for these vulnerabilities:

  • CVE-2017-17688: OpenPGP CFB gadget attacks
  • CVE-2017-17689: S/MIME CBC gadget attacks

If OpenPGP is patched to detect and discard messages with modified ciphertext, Tenable’s Container Security would detect outdated versions. Similarly, when mail clients take steps to mitigate these issues, Container Security would detect outdated versions of those clients as well.

We’re monitoring the situation and are actively working on releasing checks and plugins to help our customers determine if they’re vulnerable and assess their Cyber Exposure.

Some interim mitigations

  • Don’t decrypt email messages using vulnerable clients. Use a standalone application to decrypt email messages, so that these vulnerabilities do not open up direct exfiltration channels. The trade-off is an extra step when receiving encrypted messages.
  • Disable rendering of remote content in messages on email clients. This reduces the attack surface area and raises the bar for exploitation. However, this will also mean that active content in messages cannot be viewed.
  • Apply patches from vendors as soon as they are available.
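
To illustrate the second mitigation, here is an added Python example (not Tenable's or any mail client's code) that lists the references in an HTML body which a renderer would fetch on its own, the channel the quoted Efail description relies on. The attribute list, the function and class names, and the sample message are assumptions constructed for this example.

```python
import re
from html.parser import HTMLParser

# Attributes a renderer fetches without a click (assumed list, not exhaustive).
AUTO_FETCH_ATTRS = {"src", "srcset", "background", "poster", "data"}
CSS_URL = re.compile(r"url\(\s*['\"]?\s*([^'\")]+)|@import\s+['\"]([^'\"]+)", re.I)
REMOTE = re.compile(r"\s*(?:[a-z][a-z0-9+.-]*:)?//", re.I)  # scheme://host or //host

# Constructed sample of a decrypted HTML body (hosts are placeholders).
SAMPLE = """<html><head><link rel="stylesheet" href="https://tracker.example/s.css">
<style>body { background: url('//tracker.example/bg.png') }</style></head>
<body><p>Quarterly figures attached.</p>
<img src="cid:logo@local"><img src="http://tracker.example/p.gif?id=1">
<a href="https://intranet.example/report">report</a></body></html>"""

class RemoteContentAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (tag, location, url)
        self._in_style = False

    def _css(self, tag, where, css):
        for m in CSS_URL.finditer(css):
            url = (m.group(1) or m.group(2)).strip()
            if REMOTE.match(url):
                self.findings.append((tag, where, url))

    def handle_starttag(self, tag, attrs):
        self._in_style = tag == "style"
        for name, value in attrs:
            if name == "style" and value:
                self._css(tag, "style", value)
            elif value and (name in AUTO_FETCH_ATTRS or (name, tag) == ("href", "link")):
                entries = value.split(",") if name == "srcset" else [value]  # srcset is a list
                urls = [e.split()[0] for e in entries if e.strip()]
                self.findings += [(tag, name, u) for u in urls if REMOTE.match(u)]

    def handle_endtag(self, tag):
        self._in_style = False

    def handle_data(self, data):
        if self._in_style:
            self._css("style", "css", data)

def remote_references(html_body):
    auditor = RemoteContentAuditor()
    auditor.feed(html_body)
    auditor.close()
    return auditor.findings
```

A client or gateway can treat a non-empty result as the signal to show the plain-text part instead of rendering the HTML; `cid:` images and links that need a click are not reported.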
