CVE-2019-9155 : A cryptographic issue in OpenPGP.js <=4.2.0 allows an attacker who is able provide forged messages and gain feedback abo

A cryptographic issue in OpenPGP.js <=4.2.0 allows an attacker who is able provide forged messages and gain feedback about whether decryption of these messages succeeded to conduct an invalid curve attack in order to gain the victim's ECDH private key.

Published 2019-08-22 16:15:11

Updated 2021-07-21 11:39:24

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2019-9155

Probability of exploitation activity in the next 30 days: 2.75%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 90 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2019-9155

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:P/I:N/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
5.9	MEDIUM	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N	2.2	3.6	NIST
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2019-9155

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2019-9155

https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Studies/Mailvelope_Extensions/Mailvelope_Extensions_pdf.html#download=1

BSI - Publications - Mailvelope Extensions Security Audit
Third Party Advisory

CVEs referencing this url
https://github.com/openpgpjs/openpgpjs/releases/tag/v4.3.0

Release v4.3.0 - Security Release · openpgpjs/openpgpjs · GitHub
Release Notes
http://packetstormsecurity.com/files/154191/OpenPGP.js-4.2.0-Signature-Bypass-Invalid-Curve-Attack.html

OpenPGP.js 4.2.0 Signature Bypass / Invalid Curve Attack ≈ Packet Storm
Third Party Advisory;VDB Entry

CVEs referencing this url
https://github.com/openpgpjs/openpgpjs/pull/853/commits/7ba4f8c655e7fd7706e8d7334e44b40fdf56c43e

Fix ECDH message encryption for some session keys by twiss · Pull Request #853 · openpgpjs/openpgpjs · GitHub
Patch;Third Party Advisory
https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-openpgp-js/

Multiple Vulnerabilities in OpenPGP.js – SEC Consult
Exploit;Third Party Advisory

CVEs referencing this url
https://github.com/openpgpjs/openpgpjs/pull/853

Fix ECDH message encryption for some session keys by twiss · Pull Request #853 · openpgpjs/openpgpjs · GitHub
Third Party Advisory

Products affected by CVE-2019-9155

Openpgpjs » Openpgpjs
Versions up to, including, (<=) 4.2.0
cpe:2.3:a:openpgpjs:openpgpjs:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2019-9155

Exploit prediction scoring system (EPSS) score for CVE-2019-9155

CVSS scores for CVE-2019-9155

CWE ids for CVE-2019-9155

References for CVE-2019-9155

Products affected by CVE-2019-9155