CVE-2022-46392: Observable Discrepancy in ARM Mbed TLS

Severity: 5.3 MEDIUM (NVD)
EPSS: 0.2% (top 56.13%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline:
Published: Dec 15
Latest update: Feb 15

Description

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Exploitability: 1.6 | Impact: 3.6

Affected Packages (2 packages)

NVD: arm/mbed_tls 3.0.0 3.3.0 (+1)
Debian: mbed/mbedtls < 2.16.9-0.1+deb11u1 (+3)

Also affects: Fedora 36, 37

🔴 Vulnerability Details (3)

GHSA: GHSA-2cww-m3rc-2vgr: An issue was discovered in Mbed TLS before 2... (2022-12-16)
CVEList: CVE-2022-46392: An issue was discovered in Mbed TLS before 2... (2022-12-15)
OSV: CVE-2022-46392: An issue was discovered in Mbed TLS before 2... (2022-12-15)

📋 Vendor Advisories (3)

CISA ICS: Siemens SCALANCE XCM-/XRM-300 (2024-02-15)
Microsoft: An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically an untrusted operating system attacking... (2022-12-13)
Debian: CVE-2022-46392: mbedtls - An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adver... (2022)