cbcvebase.
CVE-2021-36647
published 2023-01-17

CVE-2021-36647: Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or…

PriorityP421medium4.7CVSS 3.1
AVLACHPRLUINSUCHINAN
EPSS
0.16%
5.9th percentile
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) to recover the private keys used in RSA.

Affected

20 ranges
VendorProductVersion rangeFixed in
armmbed_tls< 2.16.112.16.11
armmbed_tls>= 2.17.0 < 2.27.02.27.0
debianmbedtls< mbedtls 2.16.11-0.1 (bookworm)mbedtls 2.16.11-0.1 (bookworm)
mbedmbedtls>= 0 < 2.16.9-0.1+deb11u12.16.9-0.1+deb11u1
mbedmbedtls>= 0 < 2.16.11-0.12.16.11-0.1
mbedmbedtls>= 0 < 2.16.11-0.12.16.11-0.1
mbedmbedtls>= 0 < 2.16.11-0.12.16.11-0.1
msrcazl3_qemu_8.2.0-16_on_azure_linux_3.0
msrccbl2_hvloader_1.0.1-5_on_cbl_mariner_2.0
msrccbl2_qemu_6.2.0-24_on_cbl_mariner_2.0
msrccbl_mariner_2.0_arm
msrccbl_mariner_2.0_x64
msrcfluent-bit-2.0.9-1.cm2.aarch64.rpm_on_cbl_mariner_2.0_arm
msrcfluent-bit-2.0.9-1.cm2.x86_64.rpm_on_cbl_mariner_2.0_x64
msrcfluent-bit-debuginfo-2.0.9-1.cm2.aarch64.rpm_on_cbl_mariner_2.0_arm
msrcfluent-bit-debuginfo-2.0.9-1.cm2.x86_64.rpm_on_cbl_mariner_2.0_x64
msrcfluent-bit-devel-2.0.9-1.cm2.aarch64.rpm_on_cbl_mariner_2.0_arm
msrcfluent-bit-devel-2.0.9-1.cm2.x86_64.rpm_on_cbl_mariner_2.0_x64
msrchvloader-1.0.1-6.cm2.x86_64.rpm_on_cbl_mariner_2.0_x64
trustedfirmwarembed_tls>= 2.28.0 < 3.0.03.0.0

CVSS provenance

nvdv3.14.7MEDIUMCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
osv4.7MEDIUM
vendor_debian4.7MEDIUM
vendor_msrc4.7MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.