CVE Tools

CVE-2019-1547

ECDSA remote timing attack

Published: Sep 10, 2019Updated: Nov 21, 2024 Sources: CVE List NVD BDU csafNVD-CWE-noinfo

Patch Available

Description

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible that such a group does not have the cofactor present. This can occur even where all the parameters match a known named curve. If such a curve is used then OpenSSL falls back to non-side channel resistant code paths which may result in full key recovery during an ECDSA signature operation. In order to be vulnerable an attacker would have to have the ability to time the creation of a large number of signatures where explicit parameters with no co-factor present are in use by an application using libcrypto. For the avoidance of doubt libssl is not vulnerable because explicit parameters are never used. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).

CVSS Vector Breakdown

Exploitability

AV:LAttack Vector

Local

AC:HAttack Complexity

High

PR:LPrivileges Required

Low

UI:NUser Interaction

None

Scope

S:UScope

Unchanged

Impact

C:HConfidentiality

High

I:NIntegrity

None

A:NAvailability

None

Open in CVSS calculator →

Weaknesses

Affected Products

OpenSSL OpenSSL OSS Libraries

openssl openssl OSS Libraries

Astra Linux Special Edition ООО «РусБИТех-Астра»

On-premOS

Operating Systems / linux-distro

Debian GNU/Linux Сообщество свободного программного обеспечения

On-premOS

Operating Systems / linux-distro

Enterprise Manager Ops Center Oracle Corp.

On-premWeb App

Enterprise Software / itsm-monitoring

openssloss-projectUSOSS Librariesaka open ssl

ооо «русбитех-астра»commercialRUOperating Systemsaka rusbitech-astra

сообщество свободного программного обеспеченияoss-projectOperating Systemsaka сообщество свободного программного обеспечения, fsf

oracle corp.commercialUSDatabasesaka oracle

and 38 more affected products View all →

Exploitability

1 exploit source identified

Exploit details including PoC links, Metasploit modules, and scanner templates are available after registration.

View exploit details

Official Patch Available

References

https://seclists.org/bugtraq/2019/Sep/25

http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00054.html

lists.opensuse.org

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GY6SNRJP2S7Y42GIIDO3HXPNMDYN2U3A/

lists.fedoraproject.org

and 88 more references View all →

Timeline

Published

Sep 10, 2019

Last Updated

Nov 21, 2024

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2019-1547 and every CVE in our database. Create a free account — no credit card required.

Create Free Account

Plain-language analysis

Impact assessment and exploitation scenario in plain English

Attack graph visualization

Interactive attack path and kill chain mapping

Exploit details & PoC links

ExploitDB, Metasploit, GitHub PoCs with direct links

Nuclei scanner templates

Ready-to-use vulnerability scanner templates

Full remediation guide

Patch instructions, workarounds, and compliance impact

Interactive AI chat

Ask questions about this vulnerability in natural language

Related vulnerabilities

Semantically similar CVEs and attack patterns

REST API & MCP access

Integrate vulnerability data into your workflows