ROBOT Attack

On 12 December 2017, a research paper entitled “Return of Bleichenbacher’s Oracle Threat” (ROBOT) was made publicly available. ROBOT is the return of a 19-year-old vulnerability which, under some circumstances, may allow for traffic decryption and server identity theft (websites).

Affected systems: to date, vulnerable implementations from Cisco, Citrix, F5, Oracle, Radware and open-source projects, such as Bouncy Castle, Erlang and WolfSSL, have already been identified. Researchers have also examined Alexa’s top 100 domains and concluded that 27 of those subdomains host vulnerable websites, including popular websites, such as Facebook and Paypal. To check whether your system has been affected, take this simple test:  


  • Carry out a vulnerability analysis;
  • Disable TLS RSA cyphers;
  • Apply safety patches and other specific recommendations from manufacturers.

Links that provide relevant information in relation to the recent occurrence:

Vulnerability management within organisations is a complex task. Warpcom’s portfolio offers solutions that help organisations with their vulnerability management. In this context, we highlight our partnership with Tenable and its solutions, as well as the Tenable Security Center.

Paulo Rosa

Security & Public Safety Business Unit Manager

Related articles



On June 27th, a Ransomware campaign affected organizations in several countries: Russia, Ukraine, India, Spain,...



Over the last few days, Warpcom has been receiving several requests for information and recommendations on the recent...





Warp InfoNew

Get all the Warpcom content!

Related articles