CVE-2023-33242

moderate-risk
Published 2023-08-09

Crypto wallets implementing the Lindell17 TSS protocol might allow an attacker to extract the full ECDSA private key by exfiltrating a single bit in every signature attempt (256 in total) because of not adhering to the paper's security proof's assumption regarding handling aborts after a failed signature.

Do I need to act?

~
4.7% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.6/10 Critical
NETWORK / LOW complexity

Affected Products (1)

Lindell17

Affected Vendors

Lindell17 Project

References (8)

Exploit https://eprint.iacr.org/2017/552.pdf
Exploit https://github.com/fireblocks-labs/mpc-ecdsa-attacks-23
Exploit https://github.com/fireblocks-labs/zengo-lindell17-exploit-poc
Third Party Advisory https://www.fireblocks.com/blog/lindell17-abort-vulnerability-technical-report/
Exploit https://eprint.iacr.org/2017/552.pdf
Exploit https://github.com/fireblocks-labs/mpc-ecdsa-attacks-23
Exploit https://github.com/fireblocks-labs/zengo-lindell17-exploit-poc
Third Party Advisory https://www.fireblocks.com/blog/lindell17-abort-vulnerability-technical-report/
45
/ 100
moderate-risk
Severity 32/34 · Critical
Exploitability 8/34 · Low
Exposure 5/34 · Minimal