CVE-2021-45079 Overview
CVE-2021-45079 is a critical authentication bypass vulnerability in strongSwan, the widely-deployed open-source IPsec-based VPN solution. The vulnerability allows a malicious responder to send an EAP-Success message prematurely without actually authenticating the client. In scenarios involving EAP methods with mutual authentication and EAP-only authentication for IKEv2, this flaw enables exploitation without even requiring server authentication, potentially allowing attackers to completely bypass VPN authentication mechanisms.
Critical Impact
A malicious responder can bypass client and potentially server authentication in strongSwan VPN connections, enabling unauthorized access to protected network resources and man-in-the-middle attacks against VPN traffic.
Affected Products
- strongSwan versions before 5.9.5
- Debian Linux 9.0, 10.0, and 11.0
- Fedora 34 and 35
- Fedora Extra Packages for Enterprise Linux (EPEL) 7.0, 8.0, and 9.0
- Ubuntu Linux 14.04 ESM, 16.04 ESM, 18.04 LTS, 20.04 LTS, and 21.10
Discovery Timeline
- 2022-01-31 - CVE-2021-45079 published to NVD
- 2024-11-21 - Last updated in NVD database
Technical Details for CVE-2021-45079
Vulnerability Analysis
This vulnerability exists in strongSwan's EAP (Extensible Authentication Protocol) implementation within the IKEv2 protocol stack. The flaw stems from improper validation of EAP message sequences during VPN tunnel establishment. When a client initiates an IKEv2 connection using EAP authentication, the protocol expects a specific sequence of authentication messages before granting access. However, strongSwan fails to properly verify that the complete authentication handshake has occurred before accepting an EAP-Success message from the responder.
The vulnerability is particularly dangerous in EAP-only authentication scenarios (RFC 5998), where the EAP exchange is the sole authentication mechanism. An attacker operating as a malicious VPN responder can exploit this by sending a premature EAP-Success message, tricking the client into believing authentication has succeeded when no actual credential verification has occurred.
Root Cause
The root cause is classified as CWE-476 (NULL Pointer Dereference), indicating that the vulnerability involves improper handling of authentication state within strongSwan's EAP processing logic. The authentication state machine does not properly validate that all required authentication steps have been completed before transitioning to an authenticated state. This allows a malicious peer to bypass authentication checks by sending out-of-sequence protocol messages.
Attack Vector
The attack requires network access to intercept or respond to IKEv2/EAP connection attempts. An attacker can position themselves as a malicious VPN responder through various means:
- Rogue VPN Server: Setting up a malicious VPN endpoint that masquerades as a legitimate server
- Man-in-the-Middle Position: Intercepting VPN connection attempts and responding with the malicious authentication bypass sequence
- DNS Hijacking: Redirecting VPN connection attempts to an attacker-controlled server
The attack exploits the IKEv2/EAP handshake by:
- Intercepting or initiating an IKEv2 connection with a vulnerable strongSwan client
- Sending a premature EAP-Success message before completing the authentication exchange
- The client erroneously accepts this as successful authentication
- The attacker gains unauthorized access to protected network resources or can intercept VPN traffic
For technical details on the specific protocol sequences involved, refer to the strongSwan Blog Vulnerability Analysis.
Detection Methods for CVE-2021-45079
Indicators of Compromise
- Unexpected EAP-Success messages received before completion of EAP method exchange
- VPN connections established with incomplete authentication handshakes visible in strongSwan logs
- Anomalous IKEv2 message sequences where EAP-Success precedes expected EAP method messages
- Connections from untrusted or unexpected VPN responder IP addresses
Detection Strategies
- Monitor strongSwan logs for authentication anomalies, particularly EAP session establishments that lack expected method-specific messages
- Implement network intrusion detection rules to identify premature EAP-Success messages in IKEv2 traffic
- Deploy endpoint detection solutions to identify unauthorized VPN tunnel establishments
- Compare strongSwan installation versions against known vulnerable versions (prior to 5.9.5)
Monitoring Recommendations
- Enable verbose logging for strongSwan EAP authentication events to capture detailed handshake sequences
- Implement centralized log aggregation for all VPN endpoints to correlate suspicious authentication patterns
- Configure alerts for VPN connections that deviate from expected EAP method behavior
- Regularly audit connected VPN peers against an allowlist of authorized responders
How to Mitigate CVE-2021-45079
Immediate Actions Required
- Upgrade strongSwan to version 5.9.5 or later immediately on all affected systems
- Review all existing VPN connections for potential compromise if running vulnerable versions
- Verify the authenticity of VPN responder certificates and configurations
- Consider temporarily disabling EAP-only authentication until patched
Patch Information
The strongSwan project has addressed this vulnerability in version 5.9.5. Administrators should apply the appropriate patches for their distribution:
- Debian: Security updates are available through the Debian security repository for affected versions (9.0, 10.0, 11.0)
- Ubuntu: Canonical has released security updates for Ubuntu 14.04 ESM, 16.04 ESM, 18.04 LTS, 20.04 LTS, and 21.10
- Fedora/EPEL: Updates are available through standard Fedora repositories for Fedora 34, 35, and EPEL 7, 8, 9
For detailed information about the patch and its implementation, see the strongSwan Blog Vulnerability Analysis.
Workarounds
- If immediate patching is not possible, disable EAP-only authentication (eap_only = no in strongSwan configuration)
- Require certificate-based authentication in addition to EAP methods for mutual authentication
- Implement strict network segmentation to limit exposure of vulnerable VPN endpoints
- Deploy network monitoring to detect and block suspicious IKEv2/EAP traffic patterns
# Configuration example - Disable EAP-only authentication as a workaround
# In /etc/strongswan.conf or relevant configuration file:
charon {
# Disable EAP-only authentication to mitigate CVE-2021-45079
eap_only = no
# Require server certificate validation
signature_authentication = yes
signature_authentication_constraints = yes
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
