Karolin Varner

**Name of the Vulnerable Software and Affected Versions** WireGuard versions 0.5.3 **Description** The issue is related to the implementation of the NTP protocol in WireGuard on Windows, which does not fully account for the possibility that an adversary might set a victim's system time to a future value, for example, because unauthenticated NTP is used. This can lead to a situation where one static private key becomes permanently useless. The vulnerability is related to insufficient input validation, which can be exploited by a remote attacker to cause a denial of service. **Recommendations** For WireGuard version 0.5.3, consider disabling the use of unauthenticated NTP to minimize the risk of exploitation until a patch is available. Restrict access to the NTP protocol to prevent an attacker from setting the system time to a future value.