CVE-2021-36367 Overview
CVE-2021-36367 is an authentication spoofing vulnerability in PuTTY, a widely-used free SSH and Telnet client for Windows and Unix platforms. The vulnerability exists in PuTTY versions through 0.75, where the client proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This flaw makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt that can be used to capture credential data from unsuspecting users.
Critical Impact
Attackers controlling a malicious SSH server can exploit this vulnerability to capture user credentials through spoofed authentication prompts, potentially leading to credential theft and unauthorized access to legitimate systems.
Affected Products
- PuTTY versions through 0.75
- Related PuTTY-based tools and integrations using affected library versions
- Systems where users connect to untrusted or compromised SSH servers
Discovery Timeline
- 2021-07-09 - CVE-2021-36367 published to NVD
- 2024-11-21 - Last updated in NVD database
Technical Details for CVE-2021-36367
Vulnerability Analysis
This vulnerability falls under CWE-345 (Insufficient Verification of Data Authenticity). The core issue lies in how PuTTY handles the SSH authentication state machine. When connecting to an SSH server, PuTTY should track whether it has actually sent valid authentication credentials before considering the session authenticated. However, in affected versions, PuTTY fails to properly verify that a substantive authentication response was actually transmitted before proceeding with the SSH session.
This architectural flaw creates a window of opportunity for attackers operating malicious SSH servers. The attack requires user interaction in that the victim must initiate a connection to the attacker-controlled server, and the confidentiality and integrity impact is high as credential data can be captured.
Root Cause
The root cause of CVE-2021-36367 is insufficient state tracking in PuTTY's SSH authentication protocol implementation. The client does not maintain adequate verification that authentication credentials were legitimately exchanged before transitioning to an authenticated state. This allows the SSH protocol flow to continue even when proper authentication handshakes have not been completed, creating the opportunity for credential interception attacks.
Attack Vector
The attack scenario involves an attacker who controls or has compromised an SSH server that a victim might connect to. The attack flow proceeds as follows:
- The victim initiates an SSH connection to the attacker-controlled server using a vulnerable version of PuTTY
- The malicious server allows the session to establish without requiring proper authentication
- After the session appears established, the malicious server presents a spoofed authentication prompt to the user
- The user, believing they need to authenticate to the legitimate service, enters their credentials
- The attacker captures these credentials and can use them to access legitimate systems
This attack is particularly effective in scenarios where users may connect to multiple SSH servers and are accustomed to authentication prompts. The vulnerability does not affect availability, focusing instead on confidentiality and integrity compromise through credential theft.
Detection Methods for CVE-2021-36367
Indicators of Compromise
- Unexpected authentication prompts appearing after an SSH session appears to be established
- SSH connections to known-malicious IP addresses or domains
- User reports of unusual authentication behavior when connecting to SSH servers
- Multiple credential entry requests during a single SSH session
Detection Strategies
- Monitor for PuTTY versions 0.75 and earlier in software inventory systems
- Implement network monitoring to detect SSH connections to unauthorized or suspicious servers
- Deploy endpoint detection to identify vulnerable PuTTY installations across the enterprise
- Review authentication logs for anomalies in SSH connection patterns
Monitoring Recommendations
- Enable verbose logging on SSH clients where possible to track authentication state
- Implement host key verification monitoring to detect connections to unknown servers
- Deploy SentinelOne endpoint protection to monitor for exploitation attempts
- Establish baseline SSH connection patterns to identify anomalous behavior
How to Mitigate CVE-2021-36367
Immediate Actions Required
- Upgrade PuTTY to version 0.76 or later immediately
- Audit all systems for vulnerable PuTTY installations
- Warn users about the risks of connecting to untrusted SSH servers
- Review and rotate credentials that may have been exposed through vulnerable clients
- Implement strict SSH host key verification policies
Patch Information
The vulnerability has been addressed by the PuTTY development team. The fix is tracked in the Git Commit Change Log. Users should upgrade to PuTTY 0.76 or later to remediate this vulnerability. Additional security advisories have been released by Debian, including Debian Security Advisory DSA-5588 and the Debian LTS Announcement.
For a complete list of changes and security fixes, refer to the PuTTY Change History.
Workarounds
- Avoid connecting to untrusted or unknown SSH servers until patching is complete
- Verify SSH host keys manually before establishing connections
- Use alternative SSH clients that are not affected by this vulnerability
- Implement network-level restrictions to limit SSH connections to approved servers only
- Train users to be suspicious of unexpected authentication prompts after initial connection
# Verify PuTTY version on Windows systems
# Check installed version and upgrade if below 0.76
putty.exe --version
# On Linux/Unix systems using the command-line tools
plink --version
# Download and verify latest PuTTY release from official sources
# https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
