Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU29447
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-36422
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
Description
The vulnerability allows a local user to perform a side-channel attack.
The vulnerability exists due to missing randomization in the mbedtls_ecp_check_pub_priv(), mbedtls_pk_parse_key(), mbedtls_pk_parse_keyfile(), mbedtls_ecp_mul(), and mbedtls_ecp_mul_restartable() functions in Mbed TLS. A local user can perform a side-channel attack on ECC key import and fully recover the private key after collecting a single trace of any of the affected functions.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
mbed TLS: 2.0.0 - 2.22.0
CPE2.3
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-07
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71100
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-36423
CWE-ID:
CWE-319 - Cleartext Transmission of Sensitive Information
Exploit availability: No
Description
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to an issue in the Lucky 13 countermeasure that could make it ineffective when hardware accelerators were used (using one of the MBEDTLS_SHAxxx_ALT macros). A remote attacker can gain access to sensitive information.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
mbed TLS: 2.0.0 - 2.22.0
CPE2.3
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.23.0
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.7.16
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.16.7
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU71099
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-36421
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a MitM attack.
The vulnerability exists due to a side channel in modular exponentiation. A remote attacker can disclose the RSA private key used in a secure enclave.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
mbed TLS: 2.0.0 - 2.22.0
CPE2.3
https://github.com/ARMmbed/mbedtls/issues/3394
https://bugs.gentoo.org/730752
https://github.com/ARMmbed/mbedtls/releases/tag/v2.23.0
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.7
https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.7.16
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.