All Advisories

secon-tool

Sender Impersonation via Certificate Issuer Validation Gap

When the certificate that signed an inbound message is not found directly in the recipient's directory, secon-tool verifies the certificate the message carries by locating its issuer in the directory and checking the issuer's signature over it, without checking that the matched issuer is a certificate authority. Any end-entity participant certificate present in the directory is therefore accepted as a signing authority. An enrolled participant who holds such a certificate's private key can mint a child certificate bearing an arbitrary subject name and have a message verified under that impersonated identity.

This advisory contains limited information during coordinated disclosure. Please check back later for full details.

Authored byVolker Schönefeld, Simon Weber2026-07-15
SeverityMediumCVSS 6.5CVSS 3.1 VectorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NCWECWE-295 (Improper Certificate Validation)Productsecon-toolAffected Versions1.2.0 and 1.2.1 (the embedded-certificate verification path was introduced in 1.2.0).Fixed In1.2.3CVECVE-2026-62359GHSAGHSA-qfq7-8jgh-2272

Description

secon-tool is the open-source reference implementation of the GKV SECON security interface (Anlage 16), which signs and encrypts message exchange across the German statutory health insurance system. We appreciate the project's work on a clean, auditable foundation for this interface. We reported this finding privately to Techniker Krankenkasse in June 2026; they responded constructively and released a fix.

The fix makes the issuer lookup reject any certificate whose BasicConstraints does not mark it as a certificate authority, so an end-entity participant certificate can no longer act as a signing authority. This is a coordinated disclosure; the full technical writeup follows once the remediation window closes.

Impact

  • An enrolled participant can forge a SECON message that the recipient, a Krankenkasse or Leistungserbringer, attributes to a different participant, using only their own legitimately issued certificate and its private key plus the recipient's public certificate. The reach depends on how the recipient's directory is populated: deployments that place end-entity participant certificates in the keystore secon-tool uses as its directory are affected, while a deployment that holds only certificate-authority certificates there and resolves participants over LDAP is not affected through this path. Where a consumer gates an authorization decision on the authenticated-sender identity, the attacker obtains the impersonated party's authorization, and the billing, membership, or DiGA record processed under the spoofed identity belongs to a real insured person.

Mitigation

Upgrade to secon-tool 1.2.3 or later, which rejects any issuer candidate that is not marked as a certificate authority. Until upgraded, operators can reduce exposure by auditing the keystore secon-tool uses as its directory and removing any end-entity (non-CA) participant certificates; where participant certificates must remain reachable, prefer an LDAP-based directory that holds only certificate-authority certificates.

References

How We Can Help

Who We Are

The security researchers behind this advisory.

Dr. Simon Weber Profile

Dr. rer. nat. Simon Weber

Senior Pentester & MedSec Researcher

I evaluate your SaMD with the same industry-defining security insight I contributed to the BAK MV for the revision of the B3S standard.

  • PhD on Hospital Cybersecurity
  • Critical vulnerabilities found in hospital systems
  • Alumni of THB MedSec Research Group
  • gematik Security Hero
Volker Schönefeld Profile

Dipl.-Inf. Volker Schönefeld

Senior Application Security Expert

As a former CTO and developer turned pentester, I work alongside your team to uncover vulnerabilities and find solutions that fit your architecture.

  • 20+ years as CTO, 50M+ app downloads
  • Architected and secured large-scale IoT fleets
  • Certified Web Exploitation Specialist
  • gematik Security Hero

Looking for a Penetration Test?

Machine Spirits specializes in security assessments for medical devices and healthcare IT. From MDR penetration testing to C5 cloud compliance, we help MedTech companies meet regulatory requirements.