ROS 2
cpe:2.3:a:ros:ros-comm:*:*:*:*:*:*:*
A vulnerability exists in certain Data Distribution Service (DDS) implementations, including OpenDDS and ROS 2, due to improper validation of PKCS#7 certificates. This flaw allows an attacker to create malicious DDS participants or ROS 2 nodes with valid certificates, potentially compromising the security of the DDS databus system. The issue arises from a non-compliant implementation of permission document verification by some DDS vendors, specifically related to the incorrect use of the OpenSSL PKCS7_verify function for validating S/MIME signatures.
Exploitation of this vulnerability could lead to unauthorized control over the affected DDS databus system, allowing malicious nodes to manipulate permissions and potentially disrupt communication or data integrity within the system.
The vulnerability can be reproduced by creating a DDS security keystore that uses a single Certificate Authority (CA) for both identity and permissions. A malicious node can then sign its own permissions document with its enclave certificate and private key, and publish the signed document over DDS. Other nodes will accept the signature because the enclave certificate is validated by the same CA that oversees permissions, creating a false sense of security.
To address this vulnerability, separate the roles of Identity CA and Permissions CA into different certificates. This change will prevent malicious nodes from exploiting the certificate validation process to gain unauthorized control over the DDS databus system.
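One way to check a keystore for the shared-CA condition described above, as an added example that is not code from ROS 2, OpenDDS or this advisory. The file names `identity_ca.cert.pem` and `permissions_ca.cert.pem` assume an sros2-style keystore layout, and the sample keystore uses constructed placeholder PEM bodies rather than real certificates.

```python
import base64, hashlib, re, tempfile
from pathlib import Path

# Assumed file names (sros2-style keystore layout); adjust to your deployment.
IDENTITY_CA = "identity_ca.cert.pem"
PERMISSIONS_CA = "permissions_ca.cert.pem"
PEM_CERT = re.compile(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

def cert_fingerprints(pem_text):
    """SHA-256 of the DER bytes of each certificate in a PEM bundle."""
    return {hashlib.sha256(base64.b64decode("".join(body.split()))).hexdigest()
            for body in PEM_CERT.findall(pem_text)}

def audit_keystore(root):
    """Map each directory holding both CA files to 'shared' or 'separate'."""
    findings = {}
    for ident in sorted(Path(root).rglob(IDENTITY_CA)):
        perm = ident.with_name(PERMISSIONS_CA)
        if not perm.is_file():
            continue
        # Compare decoded certificates, so symlinks, copies and re-wrapped PEM all match.
        # Limitation: a second certificate issued for the same CA key is not detected.
        overlap = cert_fingerprints(ident.read_text()) & cert_fingerprints(perm.read_text())
        findings[ident.parent.relative_to(root).as_posix()] = "shared" if overlap else "separate"
    return findings

def fake_pem(label):
    """Constructed placeholder: PEM framing around arbitrary bytes, not a real certificate."""
    body = base64.encodebytes(hashlib.sha512(label.encode()).digest()).decode()
    return f"-----BEGIN CERTIFICATE-----\n{body}-----END CERTIFICATE-----\n"

def build_sample_keystore(root):
    """Constructed keystore: one enclave shares a CA, the other separates the roles."""
    layout = {"enclaves/talker": ("ca", "ca"), "enclaves/listener": ("id-ca", "perm-ca")}
    for rel, (ident, perm) in layout.items():
        d = Path(root, rel)
        d.mkdir(parents=True)
        (d / IDENTITY_CA).write_text(fake_pem(ident))
        # Re-wrap the permissions CA onto one line: the check is not a byte compare.
        (d / PERMISSIONS_CA).write_text(fake_pem(perm).replace("\n", " "))
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for where, status in audit_keystore(build_sample_keystore(tmp)).items():
            print(f"{where}: identity/permissions CA {status}")
```

Any directory reported as `shared` is in the configuration the reproduction steps rely on and should be re-provisioned with a distinct Permissions CA.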