CVE-2023-6935

Marvin Attack vulnerability in SP Math All RSA

Severity Score

5.9

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, new variation of a timing Bleichenbacher style attack, when built with the following options to configure:

--enable-all CFLAGS="-DWOLFSSL_STATIC_RSA"

The define “WOLFSSL_STATIC_RSA” enables static RSA cipher suites, which is not recommended, and has been disabled by default since wolfSSL 3.6.6. Therefore the default build since 3.6.6, even with "--enable-all", is not vulnerable to the Marvin Attack. The vulnerability is specific to static RSA cipher suites, and expected to be padding-independent.

The vulnerability allows an attacker to decrypt ciphertexts and forge signatures after probing with a large number of test observations. However the server’s private key is not exposed.

wolfSSL SP Math Toda la implementación de RSA es vulnerable al ataque Marvin, una nueva variación de un ataque de sincronización de estilo Bleichenbacher, cuando se construye con las siguientes opciones para configurar: --enable-all CFLAGS="-DWOLFSSL_STATIC_RSA" La definición "WOLFSSL_STATIC_RSA" habilita RSA estático conjuntos de cifrado, que no se recomienda y ha estado deshabilitado de forma predeterminada desde wolfSSL 3.6.6. Por lo tanto, la compilación predeterminada desde 3.6.6, incluso con "--enable-all", no es vulnerable al ataque Marvin. La vulnerabilidad es específica de los conjuntos de cifrado RSA estáticos y se espera que sea independiente del relleno. La vulnerabilidad permite a un atacante descifrar textos cifrados y falsificar firmas después de realizar una gran cantidad de observaciones de prueba. Sin embargo, la clave privada del servidor no está expuesta.

*Credits: Hubert Kario, tlsfuzzer

CVSS Scores

wolfSSL Inc.v3.1 5.9

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-12-18 CVE Reserved
2024-02-09 CVE Published
2024-08-02 CVE Updated
2024-11-08 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-203: Observable Discrepancy

CAPEC

CAPEC-463: Padding Oracle Crypto Attack

References (2)

URL	Tag	Source
https://people.redhat.com/~hkario/marvin	Technical Description
https://www.wolfssl.com/docs/security-vulnerabilities

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
WolfSSL Search vendor "WolfSSL"		WolfSSL Search vendor "WolfSSL" for product "WolfSSL"				>= 3.12.2 <= 5.6.4 Search vendor "WolfSSL" for product "WolfSSL" and version " >= 3.12.2 <= 5.6.4"		en		Affected