PT-2021-7641 · WireGuard · WireGuard
Karolin Varner · Published 2021-08-08 · Updated 2026-04-10
CVE-2021-46873
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
WireGuard version 0.5.3
Description
The issue is related to the implementation of the NTP protocol in WireGuard on Windows, which does not fully account for the possibility that an adversary might set a victim's system time to a future value, for example, because unauthenticated NTP is used. This can lead to a situation where one static private key becomes permanently useless. The vulnerability is related to insufficient input validation, which can be exploited by a remote attacker to cause a denial of service.
Recommendations
For WireGuard version 0.5.3, consider disabling the use of unauthenticated NTP to minimize the risk of exploitation until a patch is available. Restrict access to the NTP protocol to prevent an attacker from setting the system time to a future value.
Fix
RCE
Race Condition
Related Identifiers
Affected Products
WireGuard