Confidentiality Vulnerability in GnuTLS Products by GnuTLS
CVE-2020-13777

7.4HIGH

Key Information:

Vendor
Gnu
Status
Gnutls
Vendor
CVE Published:
4 June 2020

Badges

👾 Exploit Exists🟡 Public PoC

Summary

GnuTLS versions prior to 3.6.14 are affected by a cryptographic vulnerability that leads to loss of confidentiality in TLS 1.2 and an authentication bypass in TLS 1.3 due to incorrect session ticket encryption. This problem originates from a commit made in September 2018. Until the first key rotation occurs, the TLS server substitutes erroneous data instead of a properly derived encryption key from the application, exposing the session's sensitive information.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

cve-2020-13777
Created by 0xxon

challenge_CVE-2020-13777
Created by shigeki

PoC_TLS1_3_CVE-2020-13777
Created by prprhyt

References

https://gnutls.org/security-new.html#GNUTLS-SA-2020-06-03
x_refsource_CONFIRM
https://www.debian.org/security/2020/dsa-4697
vendor-advisoryx_refsource_DEBIAN
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA

CVSS V3.1

Score:
7.4
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.