eProsima Fast DDS Improper Certificate Revocation Validation Vulnerability

Vulnerability

A vulnerability exists in eProsima Fast DDS version 3.3 due to improper validation of certificate revocation and expiry, leading to insecure communications and connections. The software checks a peer's certificate, including its validity period, only during the initial DDS Security handshake, using OpenSSL's certificate verification. Once the connection is established, the certificate is never re-validated, so a peer whose certificate expires after the handshake keeps its session. An attacker holding a short-lived certificate can therefore maintain connections and communication after the certificate has expired, bypassing security policies and access controls that rely on certificate lifetime. This undermines the certificate-based authentication mechanism of DDS Security and may also cause compliance issues.

Impact

Exploitation of this vulnerability can result in unauthorized access and communication: a connection authenticated with a certificate that has since expired remains open and continues to exchange data, bypassing the security policies and access controls that the certificate lifetime was meant to enforce.

Reproduction

To reproduce this vulnerability, issue a participant certificate with a short validity period, establish a DDS Security connection while the certificate is still valid, and keep the connection open past the certificate's notAfter time. The validity window only needs to be long enough for the handshake to complete, so that the certificate is accepted by OpenSSL's verification at connection setup but expires before the connection is torn down. Once the connection is established, continue sending data after the expiry time: the peer keeps accepting traffic, which demonstrates the absence of ongoing certificate validation. To confirm the certificate is actually expired at the time of the observation, inspect its notAfter with `openssl x509 -in <cert.pem> -noout -enddate`, or run `openssl x509 -in <cert.pem> -noout -checkend 0`, which exits non-zero for an expired certificate.
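The following is an added example, not eProsima Fast DDS code, that models the two behaviours contrasted in this advisory: a session that validates the peer certificate once at handshake time (the vulnerable pattern) beside one that re-validates on every delivery. The certificate and the revocation list are constructed stand-ins (a dataclass with a validity window and serial number, and a set of revoked serials) rather than real X.509 parsing; the timestamps are likewise constructed. In a real deployment the re-check would be done with the same OpenSSL verification used at the handshake, against the current time and the current CRL.

```python
"""Handshake-only versus continuous certificate validation (added example).

Everything here is a constructed model: PeerCertificate stands in for the
X.509 fields the check needs, and the CRL is just a set of revoked serials.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class PeerCertificate:
    """Minimal stand-in for the X.509 fields a validity check needs."""
    subject: str
    serial: int
    not_before: datetime
    not_after: datetime


def cert_is_valid(cert: PeerCertificate, now: datetime, crl: set[int]) -> bool:
    """The check performed at handshake time: validity window plus revocation."""
    if cert.serial in crl:
        return False
    return cert.not_before <= now <= cert.not_after


class HandshakeOnlySession:
    """Vulnerable pattern: the peer certificate is checked only when the
    connection is set up. Nothing after that point looks at it again."""

    def __init__(self, cert: PeerCertificate, now: datetime, crl: set[int]):
        if not cert_is_valid(cert, now, crl):
            raise PermissionError("handshake rejected: certificate not valid")
        self.cert = cert

    def deliver(self, payload: bytes, now: datetime, crl: set[int]) -> bool:
        # No re-validation: an expired or revoked peer keeps communicating.
        return True


class RevalidatingSession(HandshakeOnlySession):
    """Hardened pattern: the stored peer certificate is re-checked against the
    current time and CRL on every delivery (a timer-driven re-check is the
    same idea with coarser granularity)."""

    def deliver(self, payload: bytes, now: datetime, crl: set[int]) -> bool:
        if not cert_is_valid(self.cert, now, crl):
            return False  # drop traffic and let the caller tear the session down
        return True


# Constructed scenario: a certificate valid for 60 seconds from T0.
T0 = datetime(2025, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
SHORT_LIVED = PeerCertificate(
    subject="CN=participant",
    serial=0x1001,
    not_before=T0,
    not_after=T0 + timedelta(seconds=60),
)


def run_scenario(session_cls) -> list[bool]:
    """Handshake at T0+1s, then three deliveries:
    1. at T0+30s, certificate still valid;
    2. at T0+90s, certificate expired;
    3. at T0+30s but with the serial on the CRL (revoked after handshake).
    Returns whether each delivery was accepted."""
    session = session_cls(SHORT_LIVED, T0 + timedelta(seconds=1), crl=set())
    results = [
        session.deliver(b"hello", T0 + timedelta(seconds=30), crl=set()),
        session.deliver(b"still here", T0 + timedelta(seconds=90), crl=set()),
        session.deliver(b"revoked?", T0 + timedelta(seconds=30), crl={SHORT_LIVED.serial}),
    ]
    return results


def handshake_rejects_expired(session_cls) -> bool:
    """Both patterns refuse a certificate that is already expired at handshake;
    the difference is only what happens afterwards."""
    try:
        session_cls(SHORT_LIVED, T0 + timedelta(seconds=90), crl=set())
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    print("handshake-only :", run_scenario(HandshakeOnlySession))
    print("re-validating  :", run_scenario(RevalidatingSession))
```

Running the scenario shows the handshake-only session accepting all three deliveries, while the re-validating session accepts only the first; both reject an already-expired certificate at handshake time, which is exactly why the flaw is invisible to a test that only exercises connection setup.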

Added: Dec 23, 2025, 4:22 PM
Updated: Dec 23, 2025, 4:22 PM

Vulnerability Rating

Custom Algorithm

spread: 2.6
impact: 5.0
exploitability: 8.1
remediation: 0.0
relevance: 1.6
threat: 1.6
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.