CVE-2025-66016
9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
Summary
CGGMP24 is a state-of-art ECDSA TSS protocol that supports 1-round signing (requires 3 preprocessing rounds), identifiable abort, and a key refresh protocol. Prior to version 0.6.3, there is a missing check in the ZK proof that enables an attack in which single malicious signer can reconstruct full private key. This issue has been patched in version 0.6.3, for full mitigation it is recommended to upgrade to cggmp24 version 0.7.0-alpha.2 as it contains more security checks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| LFDT-Lockness | cggmp21 | < 0.6.3 | affected |
Weaknesses
- CWE-345: CWE-345: Insufficient Verification of Data Authenticity
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
- https://github.com/LFDT-Lockness/cggmp21/security/advisories/GHSA-m95p-425x-x889
- https://www.dfns.co/article/cggmp21-vulnerabilities-patched-and-explained
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.