Lucene search

GoogleOSV:GHSA-8J98-CJFR-QX3H

HistoryDec 05, 2023 - 11:30 p.m.

github.com/ecies/go vulnerable to possible private key restoration

2023-12-0523:30:56

Google

osv.dev

ecies

private key restoration

vulnerability

patched

ecdh

secp256k1

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

AI Score

7.1

Confidence

Low

EPSS

0.001

Percentile

20.4%

JSON

Impact

If functions Encapsulate(), Decapsulate() and ECDH() could be called by an attacker, he could recover any private key that he interacts with.

Patches

Patched in v2.0.8

Workarounds

You could manually check public key by calling IsOnCurve() function from secp256k1 libraries.

References

https://github.com/ashutosh1206/Crypton/blob/master/Diffie-Hellman-Key-Exchange/Attack-Invalid-Curve-Point/README.md

References

github.com/ashutosh1206/Crypton/blob/master/Diffie-Hellman-Key-Exchange/Attack-Invalid-Curve-Point/README.md

github.com/ecies/go

github.com/ecies/go/commit/c6e775163866d6ea5233eb8ec8530a9122101ebd

github.com/ecies/go/releases/tag/v2.0.8

github.com/ecies/go/security/advisories/GHSA-8j98-cjfr-qx3h

nvd.nist.gov/vuln/detail/CVE-2023-49292

CVSS3

4.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N

AI Score

7.1

Confidence

Low

EPSS

0.001

Percentile

20.4%

JSON

Related for OSV:GHSA-8J98-CJFR-QX3H