D(HE)at is a denial-of-service (DoS) attack on the finite field Diffie-Hellman (DH) key exchange protocol allowing remote users without any privileges triggering expensive server-side DH modular-exponentiation calculations without any significant resource (CPU) requirement on the attacker’s side.

CVE-2002-20001 was assigned to the attack and a full technical paper published at IEEE Access, while there are additional implementation issues (CVE-2022-40735, CVE-2024-41996) that strongly influences the affect of an attack.

Cryptolyzer, ssh-audit (open source), and Scanigma (SaaS) can be used to check whether your service is affected by D(HE)at attack.

Recent References

Security update for openssl-3

read more

More

CVE-2024-41996

CVE-2024-41996

CVE-2024-41996

D(HE)at Attack – 20-Yr-old Flaw Let Attackers Exploit Diffie-Hellman Protocol To Over-Heat Your CPU

All References