CVE-2023-24533

Summary

Multiplication of certain unreduced P-256 scalars produce incorrect results. There are no protocols known at this time that can be attacked due to this.

Affected Software

VendorProductVersion RangeStatus
filippo.io/nistecfilippo.io/nistec0 < 0.0.2affected

Weaknesses

  • CWE-682: Incorrect Calculation

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References