Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2021-36219
HistorySep 27, 2021 - 1:22 p.m.

CVE-2021-36219

2021-09-2713:22:28
mitre
www.cve.org
5
skale sgxwallet
1.58.3
ecall 14
enclave integrity
vulnerability

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

61.8%

JSON

An issue was discovered in SKALE sgxwallet 1.58.3. The provided input for ECALL 14 triggers a branch in trustedEcdsaSign that frees a non-initialized pointer from the stack. An attacker can chain multiple enclave calls to prepare a stack that contains a valid address. This address is then freed, resulting in compromised integrity of the enclave. This was resolved after v1.58.3 and not reproducible in sgxwallet v1.77.0.

Related

nvd 1
osv 1
cnvd 1
prion 1
cve 1
nvd
nvd
CVE-2021-36219
2021-09-27 14:15:08
osv
osv
CVE-2021-36219
2021-09-27 14:15:08
cnvd
cnvd
sgxwallet buffer overflow vulnerability (CNVD-2021-1012217)
2021-09-29 00:00:00
prion
prion
Design/Logic Flaw
2021-09-27 14:15:00
cve
cve
CVE-2021-36219
2021-09-27 14:15:08

AI Score

9.6

Confidence

High

EPSS

0.002

Percentile

61.8%

JSON
Related for CVELIST:CVE-2021-36219
nvd1osv1cnvd1prion1cve1