=============================================================================
pfSense-SA-25_04.webgui                                    Security Advisory
                                                                     pfSense

Topic:          Potential disclosure of AutoConfigBackup Device Key if SSH
                service is enabled and exposed to untrusted networks

Category:       pfSense Base System
Module:         webgui
Announced:      2025-05-16
Credits:        Github user NavyTitanium
CVE ID:         CVE-2024-57273
Affects:        pfSense Plus software versions < 25.07
                pfSense CE software versions < 2.8.0
Corrected:      2024-12-27 14:02:35 UTC (pfSense Plus master, 25.07)
                2024-12-27 14:02:35 UTC (pfSense CE master, 2.8.0)

0.   Revision History

v1.1  2025-07-02  Updated pfSense Plus software version numbers
v1.0  2025-05-16  Initial SA draft

I.   Background

pfSense® software is a free network firewall distribution based on the
FreeBSD operating system. The pfSense software distribution includes
third-party free software packages for additional functionality, and
provides most of the functionality of common commercial firewalls.

pfSense® Plus is the productized version of pfSense software from Netgate®,
previously referred to as pfSense Factory Edition (FE). It is available to
Netgate appliance and CSP customers.

The majority of users of pfSense software have never installed or used a
stock FreeBSD system. Unlike similar GNU/Linux-based firewall distributions,
there is no need for any UNIX knowledge. The command line is never used, and
there is no need to ever manually edit any rule sets. Instead, pfSense
software includes a web interface for the configuration of all included
components. Users familiar with commercial firewalls will quickly understand
the web interface, while those unfamiliar with commercial-grade firewalls
may encounter a short learning curve.

II.  Problem Description

The AutoConfigBackup service associated backups with a host by a hash of its
SSH public host key, which is known as the "device key" in AutoConfigBackup.
This device key could not be changed by the user without reinstalling
pfSense software or otherwise manually regenerating SSH host keys.

If a user has exposed the SSH service on a device to an untrusted network, a
malicious client on that untrusted network could probe the SSH service and
determine the hash of the public host key. With that public host key they
can calculate the ACB device key.

This problem is present on all pfSense Plus software versions 24.11 and
earlier, pfSense "factory" versions 2.4.4 and later, and pfSense CE versions
2.4.4 through 2.7.2.

III. Impact

A malicious actor can perform actions on AutoConfigBackup content for a
known device key. These actions include listing backups, deleting backups,
creating new entries with malicious reason strings, and more. If the user
has chosen a weak encryption key, the content of the backups could also be
compromised.

NOTE: If a device does not have SSH enabled or its firewall rules do not
expose SSH to any untrusted networks (e.g. WAN) then that device is
unaffected.

IV.  Workaround

To help mitigate the problem on older releases, use one or more of the
following:

* Disable the SSH service if it is not required.
* Limit access to the SSH service to trusted administrative hosts and
  networks.
* Use a VPN to access administrative services on the firewall.
* Disable the AutoConfigBackup service and remove remote backup entries if
  it is no longer needed.
* If patching is not possible, consider manually erasing and re-generating
  the SSH host keys after locking down access to the SSH service. Save the
  old device key before taking any action. Consider removing backup entries
  stored under the old device key.

V.   Solution

The AutoConfigBackup service now defaults to using a randomized device key
and also allows users to generate a new device key on demand. The device key
will not change automatically if AutoConfigBackup is enabled.

After upgrading to a fixed version or applying patches to obtain the new
AutoConfigBackup interface, the best practice is to change the device key to
a randomized value which has no relation to the SSH host key. After
confirming the service is working with the new key, consider removing
backups associated with the old legacy device key.

Users can upgrade to pfSense Plus software version 25.07 or later, or
pfSense CE software versions after 2.8.0 when available. This upgrade may be
performed in the web interface or from the console. See
https://docs.netgate.com/pfsense/en/latest/install/upgrade-guide.html

Users on pfSense Plus version 24.11 and pfSense CE version 2.7.2 may apply
the fix from the recommended patches list in the System Patches package.
Users may also manually apply the relevant revisions below using the System
Patches package on earlier versions, or by manually making similar changes
to the affected files if the patches do not apply directly. See
https://docs.netgate.com/pfsense/en/latest/development/system-patches.html

VI.  Correction details

The following list contains the correction revision commit ID for each
affected item.

Branch/path        Revision
- -------------------------------------------------------------------------
plus/plus-master   c81106eb27b31ee4738addc45798ddc10ff6c841
                   4ceeeb54c48d636b629e12e97c4a3d7eadbd9eed
                   1c8e836c50fc50f685caca625917fcbef5429f79
pfSense/master     c81106eb27b31ee4738addc45798ddc10ff6c841
                   4ceeeb54c48d636b629e12e97c4a3d7eadbd9eed
                   1c8e836c50fc50f685caca625917fcbef5429f79
- -------------------------------------------------------------------------

VII. References

The latest revision of this advisory is available at
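The solution section recommends changing the device key to a randomized value after upgrading. The following added example (not pfSense's own code) is a post-upgrade check that classifies the device key shown in the AutoConfigBackup settings as legacy (still hash-derived from the SSH host public key), randomized, or malformed. It assumes the legacy derivation is a hex SHA-256 over the public host key line; the advisory only states "a hash of the SSH public host key", so the real derivation may differ.

```python
"""Post-upgrade check for pfSense-SA-25_04.webgui: tell a legacy,
SSH-host-key-derived AutoConfigBackup device key apart from a randomized one.

Added example, not pfSense's own code. ASSUMPTION: the legacy device key is
modelled as hex SHA-256 over the public host key ("type base64", with or
without the trailing comment); the advisory only says "a hash of the SSH
public host key", so the real derivation may differ.
"""
import hashlib
import secrets

# Constructed sample in *.pub / ssh-keyscan line format; not a real host key.
SAMPLE_HOST_PUBKEY = (
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEONLYEXAMPLEONLYEXAMPLEONLYEX"
    " root@pfSense"
)


def legacy_device_key(host_pubkey_line: str) -> str:
    """Model of the pre-fix derivation: a deterministic hash of public data."""
    key_part = " ".join(host_pubkey_line.split()[:2])  # drop the comment field
    return hashlib.sha256(key_part.encode()).hexdigest()


def random_device_key() -> str:
    """Post-fix behaviour: 32 random bytes, unrelated to any host key."""
    return secrets.token_hex(32)


def audit_device_key(device_key: str, host_pubkey_line: str) -> str:
    """Classify the device key copied from the ACB settings page:
    'malformed'  - not 64 hex characters
    'legacy'     - matches a hash of the SSH host public key (still at risk)
    'randomized' - well-formed and unrelated to the host key
    """
    key = device_key.strip().lower()
    if len(key) != 64 or any(c not in "0123456789abcdef" for c in key):
        return "malformed"
    candidates = {
        legacy_device_key(host_pubkey_line),                           # type + base64
        hashlib.sha256(host_pubkey_line.strip().encode()).hexdigest(),  # whole line
    }
    return "legacy" if key in candidates else "randomized"


if __name__ == "__main__":
    old = legacy_device_key(SAMPLE_HOST_PUBKEY)
    new = random_device_key()
    print("hash-derived key:", old, "->", audit_device_key(old, SAMPLE_HOST_PUBKEY))
    print("randomized key  :", new, "->", audit_device_key(new, SAMPLE_HOST_PUBKEY))
```

Run it with the firewall's actual device key and host public key line in place of the constructed sample; a "legacy" result means the key should still be regenerated and the old backups reviewed.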