SSL FREAK Vulnerablity

As security experts, AppSec Labs can help you protect against SSL based attacks as well as keeping our website, safe from these attacks.

SSL/TLS is a transport encryption protocol which is used by most applications and infrastructure to provide confidentiality and integrity for safe communication between a client and a server.

As for the confidentiality part, it uses encryption to avoid protocol analysis and eavesdropping. Common implementations of SSL/TLS, such as OpenSSL allow the configuration of the cipher suites that could be used for the communication.

On Tuesday, March 3rd 2015, a new vulnerability was disclosed by researchers, called “FREAK”. This vulnerability is on the protocol and is of RSA weak key downgrade type (forcing the connection between a client and a server to use “export-grade” cryptography by intercepting HTTPS communication), which can then be decrypted for altering the content or disclose information.

A compromised connection poses a security threat as it violates confidentiality.


If a server that supports SSL accepts RSA_EXPORT cipher suits (for example: TLS_RSA_EXPORT_WITH_DES40_CBC_SHA), it is vulnerable to FREAK Attack.


According to the National Cyber Awareness System, the CVSS severity is as follows:

CVSS Severity (version 2.0):

CVSS v2 Base Score: 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:P/A:N) (legend)

Impact Subscore: 2.9

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type: Allows unauthorized modification


If a client offers RSA_EXPORT suit, or is using an SSL client that is vulnerable to CVE-2015-0204 (such as unpatched OpenSSL client) then it is vulnerable to the FREAK attack.

Please note that the client can also be an Android or an iOS client.


To check whether the client that is you are using is safe or vulnerable to FREAK attack, visit:


To fix a server that has been found to be vulnerable to SSL FREAK attack, it is recommended to disable all known vulnerable cipher suits, including RSA Export cipher suits and enable Forward Secrecy.


You can also refer to the SSL Configuration Generator that was published by Mozilla.

To check if your server is vulnerable to FREAK Attack, you can download a tool: AppSec Labs FREAK SSL Checker (You will also need a version of OpenSSL pre-compiled binaries at the same directory of the script).
The AppSec Labs FREAK Checker tool uses a vulnerable OpenSSL client and tries to establish a connection using RSA_Export cipher suit. It then reports back whether the server is safe from the attack, or vulnerable to it.


I hope that it has been informative for you 🙂



Gilad Ofir, Application Security Consultant, AppSec Labs

My Linkedin page :

2 replies
    • Gilad Ofir
      Gilad Ofir says:

      Thank you for your comment!
      The script requires the binaries of OpenSSL to reside in the same folder in order to run, or else it will be unable to test for the vulnerability.
      I will provide a version that includes the binaries and a running executable soon!
      For now, you can just add them manually (
      I checked it myself (whether google is vulnerable or not) and the results came in negative


Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *