openssl-high-vulnerability

Analysis

On the 1st of November, OpenSSL published an advisory about two high-severity vulnerabilities that could lead to Denial of Service and remote code execution.

Both vulnerabilities are buffer overruns in X.509 certificate verification, specifically in the name constraint check. By supplying a crafted malicious email address, an attacker can overflow four attacker-controlled bytes on the stack, which could lead to a crash (denial of service) or potentially remote code execution.

OpenSSL has stated that it is not aware of any working exploit code at present.

Polar Bear reported the vulnerability to OpenSSL. It was initially rated Critical severity and later downgraded to High; the two issues are tracked as CVE-2022-3602 and CVE-2022-3786 in the Common Vulnerabilities and Exposures (CVE) database.

OpenSSL versions 3.0.1 to 3.0.6 are vulnerable; the 1.1.1 and 1.0.2 release lines are not affected by these vulnerabilities.

CVEs of Vulnerable Products

  • CVE-2022-3602
  • CVE-2022-3786

Prevention

Update OpenSSL to version 3.0.7 or to the latest available version.
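As an added example (not part of the original advisory), a small POSIX shell check that classifies an OpenSSL version string against the affected range, so an inventory or patching script can flag hosts that still need the 3.0.7 update. It treats any 3.0.x release below 3.0.7 as needing the update, which covers the 3.0.1 to 3.0.6 range listed above; the function name and the sample strings are constructed for this example.

```shell
#!/bin/sh
# Added example, not from the advisory or the OpenSSL project.
# openssl_is_affected VERSION
#   VERSION may be a bare version ("3.0.5") or the full output of
#   `openssl version` ("OpenSSL 3.0.5 5 Jul 2022").
#   Returns 0 if the version needs the 3.0.7 update, 1 if it does not,
#   2 if the string cannot be parsed as major.minor.patch.
openssl_is_affected() {
    ver=${1#OpenSSL }                           # drop the CLI's "OpenSSL " prefix
    ver=${ver%% *}                              # keep only the version token
    ver=$(printf '%s' "$ver" | tr -cd '0-9.')   # strip letter suffixes, e.g. "1.1.1q"
    case $ver in
        *.*.*) ;;                               # looks like major.minor.patch
        *) return 2 ;;
    esac
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    patch=${patch%%.*}
    [ -n "$major" ] && [ -n "$minor" ] && [ -n "$patch" ] || return 2
    # Affected: 3.0.x with x below 7 (the fix shipped in 3.0.7).
    # 1.1.1 and 1.0.2 never enter this branch and are reported as unaffected.
    if [ "$major" -eq 3 ] && [ "$minor" -eq 0 ] && [ "$patch" -lt 7 ]; then
        return 0
    fi
    return 1
}

# Check the openssl binary on PATH, if one is installed.
if command -v openssl >/dev/null 2>&1; then
    v=$(openssl version)
    if openssl_is_affected "$v"; then
        echo "NEEDS UPDATE: $v (update to 3.0.7 or later)"
    else
        echo "not in the affected range: $v"
    fi
fi
```

The CLI only reports the version of the binary on PATH; applications that bundle or statically link their own libcrypto (containers, vendor appliances, language runtimes) must be inventoried separately.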

References

OpenSSL

CISA.gov
