CVE-2023-6935
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a timing Bleichenbacher style attack, when built with the following options to configure:
–enable-all CFLAGS="-DWOLFSSL_STATIC_RSA"
The define “WOLFSSL_STATIC_RSA” enables static RSA cipher suites, which is not recommended, and has been disabled by default since wolfSSL 3.6.6. Therefore the default build since 3.6.6, even with "–enable-all", is not vulnerable to the Marvin Attack. The vulnerability is specific to static RSA cipher suites, and expected to be padding-independent.
The vulnerability allows an attacker to decrypt ciphertexts and forge signatures after probing with a large number of test observations. However the server’s private key is not exposed.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| wolfSSL | wolfSSL | 3.12.2 <= 5.6.4 | affected |
Weaknesses
- CWE-203: CWE-203 Observable Discrepancy
Workarounds
- Do not enable static RSA cipher suites
- Use TLS 1.3
- Build with –enable-sp, or –enable-sp-asm
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.