PT-2023-19855 · Hashicorp+1 · Hashicorp Vault+1

Giuseppe Cocomazzi · Published 2023-03-29 · Updated 2025-05-26 · CVE-2023-25000

CVSS v3.1: 5.0 (Medium)
Vector: AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions
HashiCorp Vault versions prior to 1.11.9
HashiCorp Vault versions prior to 1.12.5
HashiCorp Vault versions prior to 1.13.1

Description
The issue concerns HashiCorp Vault's implementation of Shamir's secret sharing, which used precomputed table lookups and was vulnerable to cache-timing attacks. An attacker with access to the host and the ability to observe a large number of unseal operations through a side channel may reduce the search space of a brute force effort to recover the Shamir shares.

Recommendations
For versions prior to 1.11.9, update to version 1.11.9 or later.
For versions prior to 1.12.5, update to version 1.12.5 or later.
For versions prior to 1.13.1, update to version 1.13.1 or later.
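
The weakness class named in the description, shown as an added example that is not Vault's code and not part of the original advisory: a GF(2^8) multiplication done through log/exp tables beside a mask-based version with no operand-dependent lookups. The field polynomial (0x11b), the generator (3) and all function names are assumptions made for this illustration.

```go
package main

import "fmt"

// Assumed parameters (not from the advisory): GF(2^8), polynomial 0x11b, generator 3.
var logT, expT [256]byte

func init() { // build the log/exp tables used by the table-based variant
	x := byte(1)
	for i := 0; i < 255; i++ {
		expT[i], logT[x] = x, byte(i)
		x = mulCT(x, 3)
	}
}

// mulTable branches on zero and indexes memory with operand-derived values.
func mulTable(a, b byte) byte {
	if a == 0 || b == 0 {
		return 0
	}
	return expT[(int(logT[a])+int(logT[b]))%255]
}

// mulCT runs a fixed 8 rounds of masks: no lookup or branch depends on a or b.
func mulCT(a, b byte) byte {
	var r byte
	for i := 0; i < 8; i++ {
		r ^= a & -(b & 1)                 // add a when the low bit of b is set
		a = (a << 1) ^ (0x1b & -(a >> 7)) // double a, reduce on overflow
		b >>= 1
	}
	return r
}

// mismatches counts operand pairs on which the two multipliers disagree.
func mismatches() (n int) {
	for a := 0; a < 256; a++ {
		for b := 0; b < 256; b++ {
			if mulTable(byte(a), byte(b)) != mulCT(byte(a), byte(b)) {
				n++
			}
		}
	}
	return
}

func main() {
	fmt.Println(mismatches(), mulCT(0x57, 0x83))
}
```

Both functions return the same products for every operand pair; only the memory-access and branch pattern differs, which is the property a cache-timing observer relies on.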

Fix

Side Channel Attack

Weakness Enumeration

Related Identifiers

BDU:2025-06185
BIT-VAULT-2023-25000
CVE-2023-25000
GHSA-VQ4H-9GHM-QMRR
GO-2023-1709

Affected Products

Hashicorp Vault
Red Os