CVE-2024-5288

Safe-error attack on TLS 1.3 Protocol

Severity Score

5.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSL_CHECK_SIG_FAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault occurs. The success rate in a certain amount of connection requests can be processed via an advanced technique for ECDSA key recovery.

*Credits: Kemal Derya, M. Caner Tol, Berk Sunar
CVSS Scores
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision: Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-05-23 CVE Reserved
  • 2024-08-27 CVE Published
  • 2024-08-27 CVE Updated
  • 2024-08-28 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-922: Insecure Storage of Sensitive Information
CAPEC
  • CAPEC-624: Hardware Fault Injection
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
WolfSSL Inc.
WolfSSL
<= 5.7.0
en
Affected