During a research project, SySS IT security expert Moritz Bechler found several security issues concerning the proprietary security protocol Oracle Native Network Encryption.
Oracle Native Network Encryption is the default protocol used for securing network connections between Oracle database clients and servers, for instance when using the Oracle Instant Client.
You can find the results of Moritz Bechler’s security analysis in his paper titled Oracle Native Network Encryption: Breaking a Proprietary Security Protocol.
A couple of months ago, we have reported the security vulnerabilities in the course of our responsible disclosure program, and they have already been fixed by Oracle in the July 2021 Critical Patch Update (CPU).
A successful attack against the Oracle Native Network Encryption is demonstrated in our PoC Video Attacking Oracle Native Network Encryption, which allows an attacker to hijack authenticated, cryptographically secured database connections, and thus gaining access to the database with the privileges of the targeted victim user.