CVE-2021-36647Use of a Broken or Risky Cryptographic Algorithm in ARM Mbed TLS

CWE-327Use of a Broken or Risky Cryptographic Algorithm6 documents6 sources
Severity
4.7MEDIUMNVD
EPSS
0.0%
top 87.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mbed MbedtlsARM Mbed TLS
Timeline
PublishedJan 17

Description

Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) to recover the private keys used in RSA.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.0 | Impact: 3.6

Affected Packages2 packages

NVDarm/mbed_tls2.17.02.27.0+2
Debianmbed/mbedtls< 2.16.9-0.1+deb11u1+3

🔴Vulnerability Details

3
GHSA
GHSA-7wwm-8prx-hpg2: Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum2023-01-17
OSV
CVE-2021-36647: Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum2023-01-17
CVEList
CVE-2021-36647: Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum2023-01-17

📋Vendor Advisories

2
Microsoft
Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0 2.27.0 or 2.16.11 allows attackers with access to prec2023-01-10
Debian
CVE-2021-36647: mbedtls - Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp...2021
CVE-2021-36647 — ARM Mbed TLS vulnerability | cvebase