Lucene search

GoogleOSV:CVE-2023-46324

HistoryOct 23, 2023 - 1:15 a.m.

CVE-2023-46324

2023-10-2301:15:07

Google

osv.dev

free5gc

udm

invalid curve attack

sucis

decryption

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

28.1%

JSON

pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt them via both its private key and the attacker’s public key.

CPENameOperatorVersion
udmeq1.0.0
udmeq1.0.1
udmeq1.0.2
udmeq1.1.1
udmeq1.1.0

Name	Operator	Version
udm	eq	1.0.0
udm	eq	1.0.1
udm	eq	1.0.2
udm	eq	1.1.1
udm	eq	1.1.0

References

github.com/free5gc/udm/compare/v1.1.1...v1.2.0

github.com/free5gc/udm/pull/20

www.gsma.com/security/wp-content/uploads/2023/10/0073-invalid_curve.pdf

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

28.1%

JSON

Related for OSV:CVE-2023-46324