CVE-2023-5678Improper Check for Unusual or Exceptional Conditions in Openssl

CWE-754Improper Check for Unusual or Exceptional ConditionsCWE-606Unchecked Input for Loop ConditionCWE-325Missing Cryptographic Step31 documents10 sources
Severity
5.3MEDIUMNVD
OSV7.4
EPSS
0.6%
top 29.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
28
OpensslTianocore Edk2Debian Openssl+25 more
Timeline
PublishedNov 6
Latest updateNov 28

Description

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obt

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages31 packages

debiandebian/openssl< openssl 3.0.13-1~deb12u1 (bookworm)
NVDopenssl/openssl1.0.21.0.2zj+3
Alpineopenssl/openssl< 1.1.1w-r1+8
Debianopenssl/openssl< 1.1.1w-0+deb11u2+3
Ubuntuopenssl/openssl< 1.1.1f-1ubuntu2.21+3

Patches

Patch: git.openssl.orgPatch: git.openssl.orgPatch: git.openssl.org

🔴Vulnerability Details

8
OSV
edk2 regression2025-11-28
OSV
edk2 vulnerabilities2025-11-26
OSV
openssl1.0 vulnerabilities2024-03-21
OSV
openssl vulnerabilities2024-02-13
OSV
openssl vulnerabilities2024-02-05

📋Vendor Advisories

22
Ubuntu
EDK II regression2025-11-28
Ubuntu
EDK II vulnerabilities2025-11-26
CISA ICS
Siemens SINEC OS2025-08-14
CISA ICS
Siemens SIDIS Prime2025-04-10
CISA ICS
Siemens SCALANCE W7002025-02-13
CVE-2023-5678 — Openssl vulnerability | cvebase