CVE-2020-15309

An issue was discovered in wolfSSL before 4.5.0, when single precision is not employed. Local attackers can conduct a cache-timing attack against public key operations. These attackers may already have obtained sensitive information if the affected system has been used for private key operations (e.g., signing with a private key).

CVSS v3 7.0 HIGH
CVSS v2.0 6.9 MEDIUM

7.0^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.0 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.9^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 3.4 / Impact : 10.0

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://arxiv.org/abs/2008.12188	Exploit Third Party Advisory
https://github.com/wolfSSL/wolfssl/releases/tag/v4.5.0-stable	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-08-21 14:15

Updated : 2024-02-04 21:00

NVD link : CVE-2020-15309

Mitre link : CVE-2020-15309

CVE.ORG link : CVE-2020-15309

JSON object : View

Products Affected

wolfssl

wolfssl

CWE

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

{"id": "CVE-2020-15309", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.0, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.0}]}, "published": "2020-08-21T14:15:11.060", "references": [{"url": "https://arxiv.org/abs/2008.12188", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/wolfSSL/wolfssl/releases/tag/v4.5.0-stable", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-362"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in wolfSSL before 4.5.0, when single precision is not employed. Local attackers can conduct a cache-timing attack against public key operations. These attackers may already have obtained sensitive information if the affected system has been used for private key operations (e.g., signing with a private key)."}, {"lang": "es", "value": "Se detect\u00f3 un problema en wolfSSL versiones anteriores a 4.5.0, cuando no se emplea precisi\u00f3n simple. Unos atacantes locales pueden conducir un ataque de sincronizaci\u00f3n de cach\u00e9 contra operaciones de clave p\u00fablica. Es posible que estos atacantes ya hayan obtenido informaci\u00f3n confidencial si el sistema afectado ha sido usado para operaciones de clave privada (por ejemplo, firmar con una clave privada)."}], "lastModified": "2022-11-16T13:50:21.667", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA022760-AD25-4191-AAE9-28F3641BB2EB", "versionEndExcluding": "4.5.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}