#VU54501 Use of a broken or risky cryptographic algorithm in libtpms - CVE-2021-3446

Cybersecurity Help s.r.o.

Published: 2021-07-01

Vulnerability identifier: #VU54501

Vulnerability risk: Medium

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-3446

CWE-ID: CWE-327

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libtpms
Universal components / Libraries / Libraries used by multiple products

Vendor: Stefan Berger

Description

The vulnerability allows a remote attacker to decrypt data.

The vulnerability exists in libtpms due to integration with OpenSSL, which contained a vulnerability related to the returned IV (initialization vector) when certain symmetric ciphers were used. Instead of returning the last IV it returned the initial IV to the caller, thus weakening the subsequent encryption and decryption steps.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

libtpms: 0.5.2 - 0.8.1

External links
https://bugzilla.redhat.com/show_bug.cgi?id=1939664

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Use of a broken or risky cryptographic algorithm in libtpms

Fedora 34 update for libtpms