Axtls
CVE-2023-33613
MEDIUM
Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
axTLS v2.1.5 was discovered to contain a heap buffer overflow in the bi_import function in axtls-code/crypto/bigint.c. This vulnerability allows attackers to cause a Denial of Service (DoS) when parsing a private key.
AnalysisAI
axTLS v2.1.5 was discovered to contain a heap buffer overflow in the bi_import function in axtls-code/crypto/bigint.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. axTLS v2.1.5 was discovered to contain a heap buffer overflow in the bi_import function in axtls-code/crypto/bigint.c. This vulnerability allows attackers to cause a Denial of Service (DoS) when parsing a private key. Affected products include: Axtls Project Axtls.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).
tls1.c in Cameron Hamilton-Rich axTLS before 2.1.5 has a Buffer Overflow via a crafted sequence of TLS packets because t
In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not properly ve
In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification blindly trusts the d
process_certificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certi
The asn1_signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows rem
In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not reject exce
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Memory Corruption
View allShare
External POC / Exploit Code
Leaving vuln.today