Processing of Change Cipher Spec

OWASP 2013-A9 OWASP 2017-A9 OWASP 2021-A6 PCI v3.2-6.5.4 OWASP PC-C1 CAPEC-217 CWE-326 ISO27001-A.14.1.2 WSTG-CRYP-01

The OpenSSL’s ChangeCipherSpec a.k.a CCS injection attack is a major vulnerability attack through which an attacker can perform a man-in-the-middle attack to sniff encrypted data between the server and the clients. The attacker can decrypt the sniffed data to leak sensitive information about the server. The attacker can decrypt the sniffed data because CCS injection attack forces the victim application to use weak encryption keys to encrypt the communication. The Change cipher spec protocol is used to alter the secret writing sent between the server and the client. The CCS protocol is commonly used as a part of the handshake method to change to cruciate key secret writing. The CCS protocol is a single message that tells the peer that the sender needs to alter a brand new set of keys, that are then created from info changed by the handshake protocol. There are many web applications that do not properly restrict processing of ChangeCipherSpec messages. This negligence might allow a man-in-the-middle attackers to trigger a CCS injection using a zero-length master key in vulnerable OpenSSL-to-OpenSSL communication, and consequently, hijack sessions or obtain sensitive information.


The impact of this vulnerability include:-

  • A man-in-the-middle attack is most likely possible due to this vulnerability.
  • Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Mitigation / Precaution

Beagle recommends the following:-

  • Not to use a vulnerable version of OpenSSL(affected are versions 1.0.1 and 1.0.2-beta1)
  • Patch OpenSSL version. The patch is available in
  • The following OpenSSL versions should be updated:-
    • OpenSSL 1.0.1 DTLS should be upgraded to 1.0.1h.

    • OpenSSL 1.0.0 DTLS should be upgraded to 1.0.0m.

    • OpenSSL 0.9.8 DTLS should be upgraded to 0.9.8za.

  • If the application is built on the following vender’s version of OpenSSL, check the patch in their respective site:-
    • CentOS
    • Debian
    • Gentoo
    • RedHat
    • Ubuntu

Related Articles