CVE-2024-32482 - Vulnerability Details - OpenCVE

The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it possible to disclose portions of the TKey’s data in RAM over the USB interface. To exploit the vulnerability an attacker needs to use a custom client application and to touch the TKey. No secret is disclosed. All client applications integrating tkey-device-signer should upgrade to version 1.0.0 to receive a fix. No known workarounds are available.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00023.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2024-30288	The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it possible to disclose portions of the TKey’s data in RAM over the USB interface. To exploit the vulnerability an attacker needs to use a custom client application and to touch the TKey. No secret is disclosed. All client applications integrating tkey-device-signer should upgrade to version 1.0.0 to receive a fix. No known workarounds are available.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1
https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-04-23T17:38:09.614Z

Updated: 2024-08-02T02:13:39.266Z

Reserved: 2024-04-12T19:41:51.168Z

Link: CVE-2024-32482

Vulnrichment

Updated: 2024-08-02T02:13:39.266Z

NVD

Status : Awaiting Analysis

Published: 2024-04-23T18:15:14.810

Modified: 2024-11-21T09:15:00.140

Link: CVE-2024-32482

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-32482", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-04-12T19:41:51.168Z", "datePublished": "2024-04-23T17:38:09.614Z", "dateUpdated": "2024-08-02T02:13:39.266Z"}, "containers": {"cna": {"title": "Tillitis TKey Signer possible RAM disclosure vulnerability", "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "lang": "en", "description": "CWE-125: Out-of-bounds Read", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-367", "lang": "en", "description": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.2, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p"}, {"name": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1", "tags": ["x_refsource_MISC"], "url": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1"}], "affected": [{"vendor": "tillitis", "product": "tkey-device-signer", "versions": [{"version": "< 1.0.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-04-23T17:38:09.614Z"}, "descriptions": [{"lang": "en", "value": "The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it possible to disclose portions of the TKey\u2019s data in RAM over the USB interface. To exploit the vulnerability an attacker needs to use a custom client application and to touch the TKey. No secret is disclosed. All client applications integrating tkey-device-signer should upgrade to version 1.0.0 to receive a fix. No known workarounds are available."}], "source": {"advisory": "GHSA-frqc-62hv-379p", "discovery": "UNKNOWN"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-32482", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-23T19:29:46.894770Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:tillitis:tkey_device_signer:-:*:*:*:*:*:*:*"], "vendor": "tillitis", "product": "tkey_device_signer", "versions": [{"status": "affected", "version": "0", "lessThan": "1.0.0", "versionType": "semver"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:50:25.582Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:13:39.266Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p"}, {"name": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p", "name": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1", "name": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T02:13:39.266Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-32482", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-23T19:29:46.894770Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:tillitis:tkey_device_signer:-:*:*:*:*:*:*:*"], "vendor": "tillitis", "product": "tkey_device_signer", "versions": [{"status": "affected", "version": "0", "lessThan": "1.0.0", "versionType": "semver"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-23T19:31:43.630Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "Tillitis TKey Signer possible RAM disclosure vulnerability", "source": {"advisory": "GHSA-frqc-62hv-379p", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 2.2, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "tillitis", "product": "tkey-device-signer", "versions": [{"status": "affected", "version": "< 1.0.0"}]}], "references": [{"url": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p", "name": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1", "name": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it possible to disclose portions of the TKey\u2019s data in RAM over the USB interface. To exploit the vulnerability an attacker needs to use a custom client application and to touch the TKey. No secret is disclosed. All client applications integrating tkey-device-signer should upgrade to version 1.0.0 to receive a fix. No known workarounds are available."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-367", "description": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-04-23T17:38:09.614Z"}}}, "cveMetadata": {"cveId": "CVE-2024-32482", "state": "PUBLISHED", "dateUpdated": "2024-08-02T02:13:39.266Z", "dateReserved": "2024-04-12T19:41:51.168Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-04-23T17:38:09.614Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "The Tillitis TKey signer device application is an ed25519 signing tool. A vulnerability has been found that makes it possible to disclose portions of the TKey\u2019s data in RAM over the USB interface. To exploit the vulnerability an attacker needs to use a custom client application and to touch the TKey. No secret is disclosed. All client applications integrating tkey-device-signer should upgrade to version 1.0.0 to receive a fix. No known workarounds are available."}, {"lang": "es", "value": "La aplicaci\u00f3n del dispositivo de firma Tillitis TKey es una herramienta de firma ed25519. Se ha encontrado una vulnerabilidad que permite revelar partes de los datos del TKey en la RAM a trav\u00e9s de la interfaz USB. Para explotar la vulnerabilidad, un atacante necesita utilizar una aplicaci\u00f3n cliente personalizada y tocar la tecla TKey. No se revela ning\u00fan secreto. Todas las aplicaciones cliente que integran tkey-device-signer deben actualizarse a la versi\u00f3n 1.0.0 para recibir una soluci\u00f3n. No hay workarounds disponibles."}], "id": "CVE-2024-32482", "lastModified": "2024-11-21T09:15:00.140", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.2, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 1.4, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-04-23T18:15:14.810", "references": [{"source": "security-advisories@github.com", "url": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1"}, {"source": "security-advisories@github.com", "url": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugbounty.tillitis.se/security-bulletins/tillitis-security-bulletin-240115-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/tillitis/tkey-device-signer/security/advisories/GHSA-frqc-62hv-379p"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-367"}], "source": "security-advisories@github.com", "type": "Secondary"}]}