JVNDB-2020-018327
Vulnerability from jvndb - Published: 2024-09-11 18:19 - Updated:2024-09-11 18:19Summary
Malleability attack against executables encrypted by CBC mode with no integrity check
Details
Researchers at NTT, University of Hyogo, and NEC have identified a security issue that leads to executing arbitrary code in executable files that are encrypted by CBC mode with no integrity check. This issue has been published in ACNS 2020
.
There is a risk that an encrypted executable file may be manipulated by an attacker without prior knowledge of plaintext or secret key, resulting in arbitrary code execution if the developer does not take measures against the attack.
Developers can refer to the "Solution" section for countermeasures.
Please refer to JVNTA#94494000 for more details.
This document was written by Rintaro Fujita (NTT), Takanori Isobe (University of Hyogo), Kazuhiko Minematsu (NEC), and JPCERT/CC.
References
| Type | URL | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-018327.html",
"dc:date": "2024-09-11T18:19+09:00",
"dcterms:issued": "2024-09-11T18:19+09:00",
"dcterms:modified": "2024-09-11T18:19+09:00",
"description": "Researchers at NTT, University of Hyogo, and NEC have identified a security issue that leads to executing arbitrary code in executable files that are encrypted by CBC mode with no integrity check. This issue has been published in \u003ca href=\"https://sites.google.com/di.uniroma1.it/acns2020/home\" target=blank\u003eACNS 2020\u003c/a\u003e\r\n.\r\nThere is a risk that an encrypted executable file may be manipulated by an attacker without prior knowledge of plaintext or secret key, resulting in arbitrary code execution if the developer does not take measures against the attack.\r\n\r\nDevelopers can refer to the \"Solution\" section for countermeasures.\r\n\r\nPlease refer to \u003ca href=\"https://jvn.jp/en/ta/JVNTA94494000/\" target=blank\u003eJVNTA#94494000\u003c/a\u003e for more details.\r\n\r\nThis document was written by Rintaro Fujita (NTT), Takanori Isobe (University of Hyogo), Kazuhiko Minematsu (NEC), and JPCERT/CC.",
"link": "https://jvndb.jvn.jp/en/contents/2020/JVNDB-2020-018327.html",
"sec:cpe": {
"#text": "cpe:/a:misc:multiple_vendors",
"@product": "(Multiple Products)",
"@vendor": "(Multiple Venders)",
"@version": "2.2"
},
"sec:identifier": "JVNDB-2020-018327",
"sec:references": [
{
"#text": "https://jvn.jp/en/ta/JVNTA94494000/",
"@id": "JVNTA#94494000",
"@source": "JVN"
},
{
"#text": "https://link.springer.com/chapter/10.1007/978-3-030-57808-4_10",
"@id": "ACE in Chains: How Risky Is CBC Encryption of Binary Executable Files? | SpringerLink",
"@source": "Related document"
},
{
"#text": "https://eprint.iacr.org/2020/1159",
"@id": "Cryptology ePrint Archive: Report 2020/1159 - ACE in Chains : How Risky is CBC Encryption of Binary Executable Files ?",
"@source": "Related document"
}
],
"title": "Malleability attack against executables encrypted by CBC mode with no integrity check"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…