CVE-2023-51939

2024-02-0100:00:00

mitre

www.cve.org

relic relic-toolkit

cp_bbs_sig function

remote attacker

sensitive information

escalate privileges

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.3%

JSON

An issue in the cp_bbs_sig function in relic/src/cp/relic_cp_bbs.c of Relic relic-toolkit 0.6.0 allows a remote attacker to obtain sensitive information and escalate privileges via the cp_bbs_sig function.

References

gist.github.com/liang-junkai/1b59487c0f7002fa5da98035b53e409f

github.com/liang-junkai/Relic-bbs-fault-injection

github.com/relic-toolkit/relic/issues/284