AsyncSSH before 2.14.1 Rogue Session Attack (PIP package)

Created: 2024/02/26 | Revised: 2024/02/26

SYXSCORE

Severity (level of security risk associated with exploitation of the vulnerability): MEDIUM
CVSS (severity score assigned to the CVE): 5.9
Countermeasure (measures available to reduce the probability of an attack or the impact of a threat): No
Public Aware (public announcement of the vulnerability available): Yes
Weaponized (vulnerability being abused by an exploit or malware): No

Overview

AsyncSSH before 2.14.1 is prone to Rogue Session Attacks.

Description

AsyncSSH, a popular asynchronous SSH library for Python, has been found to contain several vulnerabilities in versions released before 2.14.1. These vulnerabilities expose users to significant risks, including unauthorized control over SSH connections and manipulation of extension info messages. Attackers could exploit them to carry out 'Rogue Extension Negotiation' and 'Rogue Session' attacks, compromising the security and integrity of SSH communications.

CVE-2023-46445

An issue in AsyncSSH before 2.14.1 allows attackers to control the extension info message (RFC 8308) via a man-in-the-middle attack, aka a 'Rogue Extension Negotiation'.

CVE-2023-46446

An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a 'Rogue Session Attack'.

Impact

These vulnerabilities could allow attackers to gain unauthorized access, manipulate SSH connections, and compromise the confidentiality, integrity, and availability of sensitive information and systems.

Successful exploitation of these vulnerabilities could lead to unauthorized data access, remote code execution, or complete system compromise, posing significant risks to affected organizations and users.

Solution

Users are strongly advised to upgrade their installations of AsyncSSH to version 2.14.1 or later.

The latest release is available at:

Asynchronous SSH for Python
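A check for the affected range given above (anything below 2.14.1, including pre-releases of 2.14.1), added here as an example; it is not part of the Syxsense advisory or of AsyncSSH itself. It assumes the distribution name is asyncssh and that version strings use the plain release or release-plus-pre-release form (2.14.0, 2.14.1rc1); other PEP 440 forms are rejected rather than guessed.

```python
"""Flag AsyncSSH installs that fall in the affected range (< 2.14.1)."""
import re
from importlib import metadata

FIXED_VERSION = "2.14.1"  # first release carrying the fix, per the advisory

# Release digits optionally followed by a single a/b/rc pre-release tag.
_VERSION_RE = re.compile(r"^(\d+(?:\.\d+)*)((?:a|b|rc)\d+)?$")


def parse_version(text):
    """Turn '2.14.1rc1' into a tuple that sorts correctly.

    A pre-release of 2.14.1 precedes the final 2.14.1 and is therefore
    still affected. Post/dev/local forms raise ValueError instead of
    being silently misordered.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    release = [int(p) for p in m.group(1).split(".")]
    while len(release) < 3:          # treat '2.14' as 2.14.0
        release.append(0)
    pre = m.group(2)
    if pre:
        tag = pre.rstrip("0123456789")
        pre_key = ({"a": 0, "b": 1, "rc": 2}[tag], int(pre[len(tag):]))
    else:
        pre_key = (3, 0)             # final release sorts after any pre-release
    return (tuple(release), pre_key)


def is_affected(version):
    """True when the given AsyncSSH version predates the fixed release."""
    return parse_version(version) < parse_version(FIXED_VERSION)


def check_installed(dist="asyncssh"):
    """Return (version, affected) for the installed package, or (None, None)."""
    try:
        version = metadata.version(dist)
    except metadata.PackageNotFoundError:
        return None, None
    return version, is_affected(version)


if __name__ == "__main__":
    found, affected = check_installed()
    print("asyncssh not installed" if found is None
          else f"asyncssh {found}: {'AFFECTED' if affected else 'fixed'}")
```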


©2024 by Syxsense Inc. All Rights Reserved
