National Research Center for Applied Cybersecurity ATHENE: Severe Vulnerabilities Discovered in Software to Protect Internet Routing
A research team from the National Research Center for Applied Cybersecurity ATHENE led by Prof. Dr. Haya Schulmann has uncovered 18 vulnerabilities in crucial software components of Resource Public Key Infrastructure (RPKI). RPKI is an Internet standard meant to protect Internet traffic from being hijacked by hackers. All affected vendors have by now provided patches for their products. The vulnerabilities could have had devastating consequences: Internet hijacks have already been exploited, e.g., for phishing passwords and other sensitive information, tricking certificate authorities into issuing fraudulent Web certificates, stealing cryptocurrency, distributing malware, and poisoning caches of DNS servers.

Frankfurt and Darmstadt, April 2024
The ATHENE team, consisting of Prof. Dr. Haya Schulmann and Niklas Vogel, both from Goethe University of Frankfurt, Donika Mirdita from TU Darmstadt, and Prof. Dr. Michael Waidner from TU Darmstadt and Fraunhofer SIT, uncovered and disclosed 18 vulnerabilities. The National Vulnerability Database (NVD), operated by the US National Institute of Standards and Technology (NIST), assigned five Common Vulnerabilities and Exposures (CVE) entries to these vulnerabilities, some critical with a score of 9.3 out of 10. The team used a testing tool, CURE, which they developed specifically for this project and which ATHENE makes available free of charge to all developers of RPKI software. The researchers found vulnerabilities in all popular implementations of the validator component of RPKI. They range from crashes and violations of standard behavior to severe bugs that allow a network adversary to completely take over an RPKI certificate hierarchy in order to inject its own trust anchor, effectively being able to forge authentic and valid yet bogus routing information (i.e., BGP announcements). It is unknown whether any of the vulnerabilities were already exploited by hackers in the wild.
RPKI is a relatively new standard. Today, about 50% of the Internet’s network prefixes are covered by RPKI certificates, and 37.8% of all Internet domains validate RPKI certificates. In particular, many large providers and operators support RPKI, e.g., Amazon Web Services, Cogent, Deutsche Telekom, Level 3, and Zayo.
The research work was carried out in the ATHENE research area Analytic Based Cybersecurity (ABC) (more information at https://abc.athene-center.de/en/) and appeared at the 2024 Network and Distributed System Security (NDSS) Symposium in San Diego, California, USA. The research paper can be downloaded from https://www.ndss-symposium.org/ndss-paper/the-cure-to-vulnerabilities-in-rpki-validation/. The testing tool CURE developed and used by the researchers to uncover the vulnerabilities can be downloaded from https://github.com/rp-cure/rp-cure.
The National Research Center for Applied Cybersecurity ATHENE is a research center of the Fraunhofer Society that brings together the Fraunhofer Institutes for Secure Information Technology (SIT) and for Computer Graphics Research (IGD), Technische Universität Darmstadt, Goethe-Universität Frankfurt am Main, and Darmstadt University of Applied Sciences. With more than 600 scientists, ATHENE is Europe's most prominent cybersecurity research center and Germany’s leading scientific research institution in this domain. ATHENE is supported by the German Federal Ministry of Education and Research (BMBF) and the Hessian Ministry for Higher Education, Research, Science and the Arts (HMWK). Further information about ATHENE can be found at https://www.athene-center.de/en/.
Press Contact: Mrs. Cornelia Reitz, cornelia.reitz@athene-center.de