ID:8620 - Exploit for Reachable Assertion in crypto - CVE-2020-9283

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:8620 - Exploit for Reachable Assertion in crypto - CVE-2020-9283

ID:8620 - Exploit for Reachable Assertion in crypto - CVE-2020-9283

Published: November 21, 2022


Vulnerability identifier: #VU69447
Vulnerability risk: Medium
CVE-ID: CVE-2020-9283
CWE-ID: CWE-617
Exploitation vector: Remote access
Vulnerable software:
crypto

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion during signature verification process. A remote attacker can supply a specially crafted certificate to the application (server or client) and perform a denial of service (DoS) attack.



Remediation

Install updates from vendor's website.