// For flags

CVE-2022-31172

OpenZeppelin Contracts's SignatureChecker may revert on invalid EIP-1271 signers

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

OpenZeppelin Contracts is a library for smart contract development. Versions 4.1.0 until 4.7.1 are vulnerable to the SignatureChecker reverting. `SignatureChecker.isValidSignatureNow` is not expected to revert. However, an incorrect assumption about Solidity 0.8's `abi.decode` allows some cases to revert, given a target contract that doesn't implement EIP-1271 as expected. The contracts that may be affected are those that use `SignatureChecker` to check the validity of a signature and handle invalid signatures in a way other than reverting. The issue was patched in version 4.7.1.

OpenZeppelin Contracts es una biblioteca para el desarrollo de contratos inteligentes. Las versiones 4.1.0 hasta 4.7.1, son vulnerables a una reversión de SignatureChecker. No es esperado que "SignatureChecker.isValidSignatureNow" revierta. Sin embargo, una suposición incorrecta sobre "abi.decode" de Solidity versión 0.8 permite que algunos casos sean revertidos, dado un contrato de destino que no implementa EIP-1271 como es esperado. Los contratos que pueden verse afectados son los que usan "SignatureChecker" para comprobar la validez de una firma y manejar las firmas no válidas de una forma distinta a la reversión. El problema fue parcheado en versión 4.7.1

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Complete
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-05-18 CVE Reserved
  • 2022-07-21 CVE Published
  • 2024-02-11 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
  • CWE-347: Improper Verification of Cryptographic Signature
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Openzeppelin
Search vendor "Openzeppelin"
 Contracts
Search vendor "Openzeppelin" for product "Contracts"
 >= 4.1.0 < 4.7.1
Search vendor "Openzeppelin" for product "Contracts" and version " >= 4.1.0 < 4.7.1"
node.js
Affected