Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2023-43634

Good to know:

icon

Date: September 21, 2023

When sealing/unsealing the “vault” key, a list of PCRs is used, which defines which PCRs are used. In a previous project, CYMOTIVE found that the configuration is not protected by the secure boot, and in response Zededa implemented measurements on the config partition that was mapped to PCR 13. In that process, PCR 13 was added to the list of PCRs that seal/unseal the key. In commit “56e589749c6ff58ded862d39535d43253b249acf”, the config partition measurement moved from PCR 13 to PCR 14, but PCR 14 was not added to the list of PCRs that seal/unseal the key. This change makes the measurement of PCR 14 effectively redundant as it would not affect the sealing/unsealing of the key. An attacker could modify the config partition without triggering the measured boot, this could result in the attacker gaining full control over the device with full access to the contents of the encrypted “vault”

Language: Go

Severity Score

Related Resources (4)

https://nvd.nist.gov/vuln/detail/CVE-2023-43634
https://asrg.io/security-advisories/cve-2023-43634/
https://asrg.io/security-advisories/config-partition-not-protected-by-measured-boot/
https://www.mend.io/vulnerability-database/CVE-2023-43634

Severity Score

Weakness Type (CWE)

Insufficiently Protected Credentials

CWE-522

Insecure Storage of Sensitive Information

CWE-922

Top Fix

icon

Upgrade Version

Upgrade to version github.com/lf-edge/eve - 8.6.0,9.5.0

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): CHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us