PT-2018-10132 · Z Nomp · Z-Nomp
Published
2018-05-09
·
Updated
2018-06-18
·
CVE-2018-10831
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Z-NOMP versions prior to 2018-04-05
Description
The issue allows attackers to spoof mining shares by providing a solution with specific values, such as
x1=1, x2=1, x3=1, ..., x512=1, to bypass the verifier for any blockheader. This originally affected cryptocurrencies like Bitcoin Gold and Zcash, and was exploited in the wild in May 2018 against smaller cryptocurrencies.Recommendations
For Z-NOMP versions prior to 2018-04-05, update to a version released after 2018-04-05 to resolve the issue.
Exploit
Fix
Use of a Broken Cryptographic Algorithm
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Z-Nomp