CVE-2022-46392
Published 2022-12-15
CVE-2022-46392: An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses…
Priority: P4 · 25 · medium · CVSS 3.1 base score 5.3
Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
EPSS: 0.79% (51.5th percentile)
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arm | mbed_tls | < 2.28.2 | 2.28.2 |
| debian | mbedtls | < mbedtls 2.28.2-1 (bookworm) | mbedtls 2.28.2-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| mbed | mbedtls | >= 0 < 2.16.9-0.1+deb11u1 | 2.16.9-0.1+deb11u1 |
| mbed | mbedtls | >= 0 < 2.28.2-1 | 2.28.2-1 |
| mbed | mbedtls | >= 0 < 2.28.2-1 | 2.28.2-1 |
| mbed | mbedtls | >= 0 < 2.28.2-1 | 2.28.2-1 |
| msrc | azl3_qemu_8.2.0-16_on_azure_linux_3.0 | — | — |
| msrc | cbl2_fluent-bit_2.0.9-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_qemu_6.2.0-24_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_fluent-bit_1.5.2-3_on_cbl_mariner_1.0 | — | — |
| trustedfirmware | mbed_tls | >= 3.0.0 < 3.3.0 | 3.3.0 |
CVSS provenance
- nvdv3.1: 5.3 MEDIUM, CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
- osv: 5.3 MEDIUM
- vendor_debian: 5.3 MEDIUM
- vendor_msrc: 5.3 MEDIUM
VulDB
mbed TLS up to 2.28.1/3.2.x RSA Private Key MBEDTLS_MPI_WINDOW_SIZE information exposure (FEDORA-2023-7456a62f60 / Nessus ID 240979)
vuldb·2026-06-06·CVSS 5.3
CVE-2022-46392 [MEDIUM] mbed TLS up to 2.28.1/3.2.x RSA Private Key MBEDTLS_MPI_WINDOW_SIZE information exposure (FEDORA-2023-7456a62f60 / Nessus ID 240979)
A vulnerability, which was classified as problematic, was found in mbed TLS up to 2.28.1/3.2.x. This affects an unknown part of the component RSA Private Key Handler. The manipulation of the argument MBEDTLS_MPI_WINDOW_SIZE results in information exposure through discrepancy.
This vulnerability is known as CVE-2022-46392. It is possible to launch the attack remotely. No exploit is available.
You should upgrade the affected component.
GHSA
GHSA-2cww-m3rc-2vgr: An issue was discovered in Mbed TLS before 2
ghsa_unreviewed·2022-12-16
CVE-2022-46392 [MEDIUM] CWE-203 GHSA-2cww-m3rc-2vgr: An issue was discovered in Mbed TLS before 2
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.
OSV
CVE-2022-46392: An issue was discovered in Mbed TLS before 2
osv·2022-12-15·CVSS 5.3
CVE-2022-46392 [MEDIUM] CVE-2022-46392: An issue was discovered in Mbed TLS before 2
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.
CISA ICS
Siemens SCALANCE XCM-/XRM-300
cisa_ics·2024-02-15
ICS Advisory
## Siemens SCALANCE XCM-/XRM-300
Release Date: February 15, 2024
Alert Code: ICSA-24-046-11
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SCALANCE XCM-/XRM-300
- Vulnerabilities: Out-of-bounds Write, Incorrect Type Conversion or Cast, Improper Verification of Cryptographic Signature, Improper Access Control, Improper Authentication, Missing Encryption
Microsoft
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically an untrusted operating system attacking
vendor_msrc·2022-12-13·CVSS 5.3
CVE-2022-46392 [MEDIUM] CWE-203 An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically an untrusted operating system attacking
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft i
Debian
CVE-2022-46392: mbedtls - An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adver...
vendor_debian·2022·CVSS 5.3
CVE-2022-46392 [MEDIUM] CVE-2022-46392: mbedtls - An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adver...
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.
Scope: local
bookworm: resolved (fixed in 2.28.2-1)
bullseye: resolved (fixed in 2.16.9-0.1+deb11u1)
forky: resolved (fixed in 2.28.2-1)
sid: resolved (fixed in 2.28.2-1)
trixie: resolved (fixed in 2.28.2-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References:
- https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
- https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.3.0
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4BR7ZCVKLPGCOEEALUHZMFHXQHR6S4QL/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XMKJ5IMJEPXYAHHU56Z4P2FSYIEAESB/
- https://lists.debian.org/debian-lts-announce/2025/06/msg00034.html
Published: 2022-12-15