Miggo Logo

CVE-2022-29245: Weak private key generation in SSH.NET

6.5

CVSS Score
3.1

Basic Information

EPSS Score
0.61429%
Published
6/1/2022
Updated
1/27/2023
KEV Status
No
Technology
TechnologyC#

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
SSH.NETnuget< 2020.0.22020.0.2

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from the use of System.Random in the key generation process. The code snippet explicitly shows _privateKey being populated via rnd.NextBytes(), where rnd is a System.Random instance. Cryptographic protocols require cryptographically secure PRNGs (like RNGCryptoServiceProvider) to prevent predictability. The fix in commit 03c6d60 replaces this with CryptoAbstraction.GenerateRandom, confirming the original implementation was insecure. The Start method is directly responsible for initializing the key exchange, making it the clear vulnerable entry point.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*urin* *n **X******* k*y *x***n**, t** *li*nt’s priv*t* is **n*r*t** wit* [**Syst*m.R*n*om**](*ttps://*o*s.mi*roso*t.*om/*n-us/*otn*t/*pi/syst*m.r*n*om): ```*s v*r rn* = n*w R*n*om(); _priv*t*K*y = n*w *yt*[Mont*om*ry*urv******.Priv*t*K*ySiz*In*yt*s

Reasoning

T** vuln*r**ility st*ms *rom t** us* o* `Syst*m.R*n*om` in t** k*y **n*r*tion pro**ss. T** *o** snipp*t *xpli*itly s*ows `_priv*t*K*y` **in* popul*t** vi* `rn*.N*xt*yt*s()`, w**r* `rn*` is * `Syst*m.R*n*om` inst*n**. *rypto*r*p*i* proto*ols r*quir* *