Investigating TLS Version Downgrade in Enterprise Software

In this paper, we revisit the problem of TLS version downgrade, with a specific focus on enterprise software, which are applications that play direct roles in the daily operations of an organization, including remote desktop, email, and VPN clients. Although TLS version downgrade is a classic problem, previous studies have mostly focused on its manifestations in browser applications. However, as TLS continues to gain prominence in other application scenarios, it is crucial to also investigate the implementation and deployment of TLS in other mission-critical appliances that depend upon TLS for their corresponding security guarantees. To this end, we identified and tested 217 enterprise software on 4 mainstream operating systems (OSes) for how they implement and deploy TLS downgrade defenses. We carefully designed a series of experiments to determine whether a client-side enterprise software is vulnerable to downgrade attacks. Results of our experiments paint the enterprise software ecosystem in a positive light, as only 8 enterprise client applications exhibit some vulnerabilities to TLS version downgrade due to missing protection mechanisms. Given the availability and low costs of standardized downgrade defenses, we champion their adoption by software vendors to put an end to the threat of TLS version downgrade. Finally, as various industries are moving away from legacy versions of TLS, it is also time for enterprise software vendors to rethink the necessity and merits of supporting old TLS versions in their products.