Main Vulnerability Database Exploits ID:9691 - Exploit for Cryptographic issues in Gotham city - CVE-2023-33242

ID:9691 - Exploit for Cryptographic issues in Gotham city - CVE-2023-33242

Published: April 9, 2024

Vulnerability identifier: #VU79466

Vulnerability risk: High

CVE-ID: CVE-2023-33242

CWE-ID: CWE-310

Exploitation vector: Remote access

Vulnerable software:
Gotham city

Link to public exploit:

https://github.com/d0rb/CVE-2023-33242

Vulnerability description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to an error in Lindell17 TSS protocol implementation in crypto wallets. A remote attacker can extract the full ECDSA private key by exfiltrating a single bit in every signature attempt (256 in total).

Remediation

Install updates from vendor's website.

ID:9691 - Exploit for Cryptographic issues in Gotham city - CVE-2023-33242

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human