PT-2023-29960 · Free5Gc
Govulnbot · Published 2023-10-22 · Updated 2024-01-09 · CVE-2023-46324
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
free5GC udm versions prior to 1.2.0
Description
The UDM is vulnerable to an invalid curve attack: it may compute an ECDH shared secret from an uncompressed public key that has not been validated as a point on the curve. An attacker can send arbitrary SUCIs to the UDM, which attempts to decrypt them using its own private key together with the attacker-supplied public key.
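As an added illustration, not free5GC's own code: a Go check of the kind this fix requires, rejecting an uncompressed P-256 public key that is not on the curve before any ECDH computation with the UDM's private key. The function names and the constructed sample points are this example's own; it assumes P-256 as the curve of the uncompressed key.

```go
package main

import (
	"crypto/elliptic"
	"errors"
	"math/big"
)

// ErrInvalidPoint: the peer's ephemeral public key does not lie on P-256.
var ErrInvalidPoint = errors.New("suci: public key is not a point on P-256")

// ValidateUncompressedP256 parses a SEC1 uncompressed point (0x04 || X || Y) and
// accepts it only if both coordinates are reduced and satisfy the curve equation.
// Skipping this and running ScalarMult anyway is the invalid-curve attack path.
func ValidateUncompressedP256(pub []byte) (x, y *big.Int, err error) {
	if len(pub) != 65 || pub[0] != 0x04 {
		return nil, nil, errors.New("suci: expected 65-byte uncompressed point")
	}
	curve := elliptic.P256()
	x = new(big.Int).SetBytes(pub[1:33])
	y = new(big.Int).SetBytes(pub[33:65])
	p := curve.Params().P
	if x.Cmp(p) >= 0 || y.Cmp(p) >= 0 || !curve.IsOnCurve(x, y) {
		return nil, nil, ErrInvalidPoint
	}
	return x, y, nil
}

// SharedSecretX derives the ECDH x-coordinate priv * pub that the UDM would use
// to deconceal a SUCI, never touching the private scalar on off-curve input.
func SharedSecretX(priv, pub []byte) ([]byte, error) {
	x, y, err := ValidateUncompressedP256(pub)
	if err != nil {
		return nil, err
	}
	sx, _ := elliptic.P256().ScalarMult(x, y, priv)
	return sx.Bytes(), nil
}

// SampleKeys returns two constructed inputs: the P-256 generator (valid) and
// the same X paired with Y+1, which is not on the curve, as an attacker-chosen
// SUCI could carry.
func SampleKeys() (valid, offCurve []byte) {
	g := elliptic.P256().Params()
	enc := func(x, y *big.Int) []byte {
		out := append([]byte{0x04}, x.FillBytes(make([]byte, 32))...)
		return append(out, y.FillBytes(make([]byte, 32))...)
	}
	return enc(g.Gx, g.Gy), enc(g.Gx, new(big.Int).Add(g.Gy, big.NewInt(1)))
}
```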
Recommendations
For versions prior to 1.2.0, update to version 1.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the suci.go module in pkg/suci to minimize the risk of exploitation. Avoid using uncompressed public keys in the affected UDM until the issue is resolved.
Weaknesses
Improper Verification of Cryptographic Signature
Use of a Broken Cryptographic Algorithm
Affected Products
Free5Gc