CWE-347
AllowedImproper Verification of Cryptographic Signature
Abstraction: Base · Status: Draft
The product does not verify, or incorrectly verifies, the cryptographic signature for data.
1127 vulnerabilities reference this CWE, most recent first.
CVE-2025-40758 (GCVE-0-2025-40758)
Vulnerability from cvelistv5 – Published: 2025-08-14 15:06 – Updated: 2025-08-14 15:18- CWE-347 - Improper Verification of Cryptographic Signature
| Vendor | Product | Version | |
|---|---|---|---|
| Siemens | Mendix SAML (Mendix 10.12 compatible) |
Affected:
0 , < V4.0.3
(custom)
|
|
| Siemens | Mendix SAML (Mendix 10.21 compatible) |
Affected:
0 , < V4.1.2
(custom)
|
|
| Siemens | Mendix SAML (Mendix 9.24 compatible) |
Affected:
0 , < V3.6.21
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-40758",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-14T15:18:38.766906Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T15:18:47.716Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Mendix SAML (Mendix 10.12 compatible)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.0.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Mendix SAML (Mendix 10.21 compatible)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V4.1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "Mendix SAML (Mendix 9.24 compatible)",
"vendor": "Siemens",
"versions": [
{
"lessThan": "V3.6.21",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Mendix SAML (Mendix 10.12 compatible) (All versions \u003c V4.0.3), Mendix SAML (Mendix 10.21 compatible) (All versions \u003c V4.1.2), Mendix SAML (Mendix 9.24 compatible) (All versions \u003c V3.6.21). Affected versions of the module insufficiently enforce signature validation and binding checks. This could allow unauthenticated remote attackers to hijack an account in specific SSO configurations."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T15:06:31.691Z",
"orgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"shortName": "siemens"
},
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-395458.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cec7a2ec-15b4-4faf-bd53-b40f371f3a77",
"assignerShortName": "siemens",
"cveId": "CVE-2025-40758",
"datePublished": "2025-08-14T15:06:31.691Z",
"dateReserved": "2025-04-16T08:39:30.031Z",
"dateUpdated": "2025-08-14T15:18:47.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-36418 (GCVE-0-2025-36418)
Vulnerability from cvelistv5 – Published: 2026-01-20 15:50 – Updated: 2026-01-20 16:09- CWE-347 - Improper Verification of Cryptographic Signature
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7257446 | vendor-advisorypatch |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-36418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-20T16:09:28.415356Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T16:09:43.989Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:applinx:11.1:*:*:*:*:*:*:*"
],
"product": "ApplinX",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "11.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM ApplinX 11.1 is vulnerable due to a privilege escalation vulnerability due to improper verification of JWT tokens. An attacker may be able to craft or modify a JSON web token in order to impersonate another user or to elevate their privileges.\u003c/p\u003e"
}
],
"value": "IBM ApplinX 11.1 is vulnerable due to a privilege escalation vulnerability due to improper verification of JWT tokens. An attacker may be able to craft or modify a JSON web token in order to impersonate another user or to elevate their privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-20T15:51:08.237Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7257446"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM strongly recommends addressing the vulnerabilities now by upgrading IBM ApplinX. Product Version Remediation/Fix IBM ApplinX 11.1 Download and apply the update from Fix Central here .\u003c/p\u003e"
}
],
"value": "IBM strongly recommends addressing the vulnerabilities now by upgrading IBM ApplinX. Product Version Remediation/Fix IBM ApplinX 11.1 Download and apply the update from Fix Central here ."
}
],
"title": "Multiple vulnerabilities found in IBM ApplinX.",
"x_generator": {
"engine": "ibm-cvegen"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2025-36418",
"datePublished": "2026-01-20T15:50:40.562Z",
"dateReserved": "2025-04-15T21:17:01.668Z",
"dateUpdated": "2026-01-20T16:09:43.989Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-34503 (GCVE-0-2025-34503)
Vulnerability from cvelistv5 – Published: 2025-10-24 23:04 – Updated: 2025-10-27 15:57| URL | Tags |
|---|---|
| https://www.ioactive.com/wp-content/uploads/2025/… | technical-descriptionexploit |
| https://www.vulncheck.com/advisories/shuffle-mast… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Light & Wonder, Inc. / SHFL Entertainment, Inc. / Shuffle Master, Inc. | Deck Mate 1 |
Affected:
0 , < unknown
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34503",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T15:38:32.319233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T15:57:36.604Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"External EEPROM firmware"
],
"product": "Deck Mate 1",
"vendor": "Light \u0026 Wonder, Inc. / SHFL Entertainment, Inc. / Shuffle Master, Inc.",
"versions": [
{
"lessThan": "unknown",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joseph Tartaro of IOActive"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Nissim of IOActive"
},
{
"lang": "en",
"type": "finder",
"value": "Ethan Shackelford of IOActive"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003c/div\u003e\u003cdiv\u003eDeck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or signed-update mechanisms, affected systems should be physically protected or retired from service. The vendor has not indicated that firmware updates are available for this legacy model.\u003cbr\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "Deck Mate 1 executes firmware directly from an external EEPROM without verifying authenticity or integrity. An attacker with physical access can replace or reflash the EEPROM to run arbitrary code that persists across reboots. Because this design predates modern secure-boot or signed-update mechanisms, affected systems should be physically protected or retired from service. The vendor has not indicated that firmware updates are available for this legacy model."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1326",
"description": "CWE-1326 Missing Immutable Root of Trust in Hardware",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T23:04:43.922Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"technical-description",
"exploit"
],
"url": "https://www.ioactive.com/wp-content/uploads/2025/05/IOActive-card-shuffler-security.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/shuffle-master-deck-mate-1-unauthenticated-eeprom-firmware-execution"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Shuffle Master Deck Mate 1 Unauthenticated EEPROM Firmware Execution",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34503",
"datePublished": "2025-10-24T23:04:43.922Z",
"dateReserved": "2025-04-15T19:15:22.611Z",
"dateUpdated": "2025-10-27T15:57:36.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-34500 (GCVE-0-2025-34500)
Vulnerability from cvelistv5 – Published: 2025-10-24 23:02 – Updated: 2025-10-27 15:21| URL | Tags |
|---|---|
| https://www.ioactive.com/wp-content/uploads/2025/… | technical-descriptionexploit |
| https://www.wired.com/story/card-shuffler-hack/ | media-coverage |
| https://www.wired.com/story/how-hacked-card-shuff… | media-coverage |
| https://www.vulncheck.com/advisories/shuffle-mast… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Light & Wonder, Inc. / SHFL Entertainment, Inc. / Shuffle Master, Inc. | Deck Mate 2 |
Affected:
0 , < all known versions prior to 2025-10-23
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34500",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-27T15:20:40.299784Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-27T15:21:02.916Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"modules": [
"Update/decryption utility and package verification"
],
"product": "Deck Mate 2",
"vendor": "Light \u0026 Wonder, Inc. / SHFL Entertainment, Inc. / Shuffle Master, Inc.",
"versions": [
{
"lessThan": "all known versions prior to 2025-10-23",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joseph Tartaro of IOActive"
},
{
"lang": "en",
"type": "finder",
"value": "Enrique Nissim of IOActive"
},
{
"lang": "en",
"type": "finder",
"value": "Ethan Shackelford of IOActive"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Deck Mate 2\u0027s firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key shared across devices, and uses a truncated HMAC for integrity validation. Attackers with access to the update interface - typically via the unit\u0027s USB update port - can craft or modify firmware packages to execute arbitrary code as root, allowing persistent compromise of the device\u0027s integrity and deck randomization process. Physical or on-premises access remains the most likely attack path, though network-exposed or telemetry-enabled deployments could theoretically allow remote exploitation if misconfigured. The vendor confirmed that firmware updates have been issued to correct these update-chain weaknesses and that USB update access has been disabled on affected units.\u003cbr\u003e"
}
],
"value": "Deck Mate 2\u0027s firmware update mechanism accepts packages without cryptographic signature verification, encrypts them with a single hard-coded AES key shared across devices, and uses a truncated HMAC for integrity validation. Attackers with access to the update interface - typically via the unit\u0027s USB update port - can craft or modify firmware packages to execute arbitrary code as root, allowing persistent compromise of the device\u0027s integrity and deck randomization process. Physical or on-premises access remains the most likely attack path, though network-exposed or telemetry-enabled deployments could theoretically allow remote exploitation if misconfigured. The vendor confirmed that firmware updates have been issued to correct these update-chain weaknesses and that USB update access has been disabled on affected units."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "PHYSICAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321 Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-24T23:02:29.851Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"technical-description",
"exploit"
],
"url": "https://www.ioactive.com/wp-content/uploads/2025/05/IOActive-card-shuffler-security.pdf"
},
{
"tags": [
"media-coverage"
],
"url": "https://www.wired.com/story/card-shuffler-hack/"
},
{
"tags": [
"media-coverage"
],
"url": "https://www.wired.com/story/how-hacked-card-shufflers-allegedly-enabled-a-mob-fueled-poker-scam-that-rocked-the-nba/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/shuffle-master-deck-mate-2-insecure-update-chain"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eLight \u0026amp; Wonder reports that it has deployed firmware updates addressing the update-chain weaknesses IOActive described (including fixes to the cryptographic integrity checks) and has disabled the USB update port on affected Deck Mate 2 units.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Light \u0026 Wonder reports that it has deployed firmware updates addressing the update-chain weaknesses IOActive described (including fixes to the cryptographic integrity checks) and has disabled the USB update port on affected Deck Mate 2 units."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Shuffle Master Deck Mate 2 Insecure Update Chain",
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34500",
"datePublished": "2025-10-24T23:02:29.851Z",
"dateReserved": "2025-04-15T19:15:22.611Z",
"dateUpdated": "2025-10-27T15:21:02.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-34324 (GCVE-0-2025-34324)
Vulnerability from cvelistv5 – Published: 2025-11-18 16:33 – Updated: 2025-11-18 18:24- CWE-347 - Improper Verification of Cryptographic Signature
| URL | Tags |
|---|---|
| https://www.ush.it/2025/11/14/multiple-vulnerabil… | technical-descriptionexploit |
| https://infocert.digital/consumer/gosign-suite/ | product |
| https://www.vulncheck.com/advisories/gosign-deskt… | third-party-advisory |
| https://www.ush.it/2025/11/14/vulnerabilita-multi… | technical-descriptionexploit |
| Vendor | Product | Version | |
|---|---|---|---|
| Tinexta InfoCert S.p.A. | GoSign Desktop |
Affected:
0 , < 2.4.1
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-34324",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-18T18:24:08.434766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T18:24:11.777Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://www.ush.it/2025/11/14/multiple-vulnerabilities-gosign-desktop-remote-code-execution/"
},
{
"tags": [
"exploit"
],
"url": "https://www.ush.it/2025/11/14/vulnerabilita-multiple-gosign-desktop-esecuzione-remota-codice-arbitrario/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GoSign Desktop",
"vendor": "Tinexta InfoCert S.p.A.",
"versions": [
{
"lessThan": "2.4.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Pasquale \"sid\" Fiorillo"
},
{
"lang": "en",
"type": "finder",
"value": "Francesco \"ascii\" Ongaro"
},
{
"lang": "en",
"type": "finder",
"value": "Marco Lunardi"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "GoSign Desktop versions 2.4.0 and earlier use an unsigned update manifest for distributing application updates. The manifest contains package URLs and SHA-256 hashes but is not digitally signed, so its authenticity relies solely on the underlying TLS channel. In affected versions, TLS certificate validation can be disabled when a proxy is configured, allowing an attacker who can intercept network traffic to supply a malicious update manifest and corresponding package with a matching hash. This can cause the client to download and install a tampered update, resulting in arbitrary code execution with the privileges of the GoSign Desktop user on Windows and macOS, or with elevated privileges on some Linux deployments. A local attacker who can modify proxy settings may also abuse this behavior to escalate privileges by forcing installation of a crafted update."
}
],
"value": "GoSign Desktop versions 2.4.0 and earlier use an unsigned update manifest for distributing application updates. The manifest contains package URLs and SHA-256 hashes but is not digitally signed, so its authenticity relies solely on the underlying TLS channel. In affected versions, TLS certificate validation can be disabled when a proxy is configured, allowing an attacker who can intercept network traffic to supply a malicious update manifest and corresponding package with a matching hash. This can cause the client to download and install a tampered update, resulting in arbitrary code execution with the privileges of the GoSign Desktop user on Windows and macOS, or with elevated privileges on some Linux deployments. A local attacker who can modify proxy settings may also abuse this behavior to escalate privileges by forcing installation of a crafted update."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-18T16:33:05.469Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"tags": [
"technical-description",
"exploit"
],
"url": "https://www.ush.it/2025/11/14/multiple-vulnerabilities-gosign-desktop-remote-code-execution/"
},
{
"tags": [
"product"
],
"url": "https://infocert.digital/consumer/gosign-suite/"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/gosign-desktop-insecure-update-mechanism-rce"
},
{
"tags": [
"technical-description",
"exploit"
],
"url": "https://www.ush.it/2025/11/14/vulnerabilita-multiple-gosign-desktop-esecuzione-remota-codice-arbitrario/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2025-11-14T18:09:00.000Z",
"value": "Researcher publicly discloses vulnerability"
}
],
"title": "GoSign Desktop \u003c 2.4.1 Insecure Update Mechanism RCE",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2025-34324",
"datePublished": "2025-11-18T16:33:05.469Z",
"dateReserved": "2025-04-15T19:15:22.585Z",
"dateUpdated": "2025-11-18T18:24:11.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-33074 (GCVE-0-2025-33074)
Vulnerability from cvelistv5 – Published: 2025-04-30 17:14 – Updated: 2026-02-26 18:29 Exclusively Hosted Service- CWE-347 - Improper Verification of Cryptographic Signature
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Azure Functions |
Affected:
-
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33074",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-02T03:55:23.589936Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:29:06.401Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Azure Functions",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "-"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_functions:*:*:*:*:*:*:*:*",
"versionStartIncluding": "-",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2025-04-30T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper verification of cryptographic signature in Microsoft Azure Functions allows an authorized attacker to execute code over a network."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-13T19:33:42.268Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Azure Functions Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33074"
}
],
"tags": [
"exclusively-hosted-service"
],
"title": "Azure Functions Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2025-33074",
"datePublished": "2025-04-30T17:14:51.166Z",
"dateReserved": "2025-04-15T17:46:28.203Z",
"dateUpdated": "2026-02-26T18:29:06.401Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-33069 (GCVE-0-2025-33069)
Vulnerability from cvelistv5 – Published: 2025-06-10 17:02 – Updated: 2026-02-20 16:01- CWE-347 - Improper Verification of Cryptographic Signature
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisorypatch |
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 11 Version 24H2 |
Affected:
10.0.26100.0 , < 10.0.26100.4349
(custom)
|
|
| Microsoft | Windows Server 2025 |
Affected:
10.0.26100.0 , < 10.0.26100.4349
(custom)
|
|
| Microsoft | Windows Server 2025 (Server Core installation) |
Affected:
10.0.26100.0 , < 10.0.26100.4349
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-33069",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-10T18:21:12.268628Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-10T18:44:32.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 Version 24H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.4349",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2025",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.4349",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Windows Server 2025 (Server Core installation)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.4349",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.4349",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.26100.4349",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.26100.4349",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2025-06-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Improper verification of cryptographic signature in App Control for Business (WDAC) allows an unauthorized attacker to bypass a security feature locally."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-20T16:01:04.779Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows App Control for Business Security Feature Bypass Vulnerability",
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-33069"
}
],
"title": "Windows App Control for Business Security Feature Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2025-33069",
"datePublished": "2025-06-10T17:02:34.814Z",
"dateReserved": "2025-04-15T17:46:28.202Z",
"dateUpdated": "2026-02-20T16:01:04.779Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-32060 (GCVE-0-2025-32060)
Vulnerability from cvelistv5 – Published: 2026-02-15 10:46 – Updated: 2026-02-17 20:07- CWE-347 - Improper Verification of Cryptographic Signature
| URL | Tags |
|---|---|
| https://www.nissan.co.uk/vehicles/new-vehicles/le… | product |
| http://i.blackhat.com/Asia-25/Asia-25-Evdokimov-R… | media-coverage |
| https://pcacybersecurity.com/resources/advisory/v… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Bosch | Infotainment system ECU |
Affected:
283C30861E
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-32060",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-17T20:07:32.768943Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-17T20:07:40.053Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Linux"
],
"product": "Infotainment system ECU",
"vendor": "Bosch",
"versions": [
{
"status": "affected",
"version": "283C30861E"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mikhail Evdokimov (PCA Cyber Security Assessment Team)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user (due to additional vulnerabilities), then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a flaw can lead to taking control over the entire system.\u003cbr\u003e\u003cbr\u003e\n\nFirst identified on \u003cspan style=\"background-color: var(--wht);\"\u003eNissan Leaf ZE1 manufactured in 2020.\u003c/span\u003e\n\n\u003cbr\u003e"
}
],
"value": "The system suffers from the absence of a kernel module signature verification. If an attacker can execute commands on behalf of root user (due to additional vulnerabilities), then he/she is also able to load custom kernel modules to the kernel space and execute code in the kernel context. Such a flaw can lead to taking control over the entire system.\n\n\n\nFirst identified on Nissan Leaf ZE1 manufactured in 2020."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-15T10:46:23.570Z",
"orgId": "c15abc07-96a9-4d11-a503-5d621bfe42ba",
"shortName": "ASRG"
},
"references": [
{
"tags": [
"product"
],
"url": "https://www.nissan.co.uk/vehicles/new-vehicles/leaf.html"
},
{
"tags": [
"media-coverage"
],
"url": "http://i.blackhat.com/Asia-25/Asia-25-Evdokimov-Remote-Exploitation-of-Nissan-Leaf.pdf"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://pcacybersecurity.com/resources/advisory/vulnerabilities-in-nissan-infotainment-manufactured-by-bosch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Absence of Kernel Module Signature Verification on Linux System of Infotainment ECU",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c15abc07-96a9-4d11-a503-5d621bfe42ba",
"assignerShortName": "ASRG",
"cveId": "CVE-2025-32060",
"datePublished": "2026-02-15T10:46:23.570Z",
"dateReserved": "2025-04-03T15:32:43.282Z",
"dateUpdated": "2026-02-17T20:07:40.053Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-31489 (GCVE-0-2025-31489)
Vulnerability from cvelistv5 – Published: 2025-04-03 19:36 – Updated: 2025-04-03 20:36- CWE-347 - Improper Verification of Cryptographic Signature
| URL | Tags |
|---|---|
| https://github.com/minio/minio/security/advisorie… | x_refsource_CONFIRM |
| https://github.com/minio/minio/pull/21103 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-31489",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-03T20:36:06.237877Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T20:36:19.079Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "minio",
"vendor": "minio",
"versions": [
{
"status": "affected",
"version": "\u003c RELEASE.2025-04-03T14-56-28Z"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. The signature component of the authorization may be invalid, which would mean that as a client you can use any arbitrary secret to upload objects given the user already has prior WRITE permissions on the bucket. Prior knowledge of access-key, and bucket name this user might have access\nto - and an access-key with a WRITE permissions is necessary. However with relevant information in place, uploading random objects to buckets is trivial and easy via curl. This issue is fixed in RELEASE.2025-04-03T14-56-28Z."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347: Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T19:36:09.335Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/minio/minio/security/advisories/GHSA-wg47-6jq2-q2hh",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/minio/minio/security/advisories/GHSA-wg47-6jq2-q2hh"
},
{
"name": "https://github.com/minio/minio/pull/21103",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/minio/minio/pull/21103"
}
],
"source": {
"advisory": "GHSA-wg47-6jq2-q2hh",
"discovery": "UNKNOWN"
},
"title": "MinIO performs incomplete signature validation for unsigned-trailer uploads"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-31489",
"datePublished": "2025-04-03T19:36:09.335Z",
"dateReserved": "2025-03-28T13:36:51.298Z",
"dateUpdated": "2025-04-03T20:36:19.079Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-31335 (GCVE-0-2025-31335)
Vulnerability from cvelistv5 – Published: 2025-03-28 00:00 – Updated: 2025-03-28 14:31- CWE-347 - Improper Verification of Cryptographic Signature
| Vendor | Product | Version | |
|---|---|---|---|
| Shibboleth | OpenSAML C++ library |
Affected:
0 , < 3.3.1
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-31335",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-28T14:30:51.735024Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T14:31:11.464Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenSAML C++ library",
"vendor": "Shibboleth",
"versions": [
{
"lessThan": "3.3.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation (when using SAML bindings that rely on non-XML signatures)."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T05:25:12.442Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://shibboleth.net/community/advisories/secadv_20250313.txt"
},
{
"url": "https://git.shibboleth.net/view/?p=cpp-opensaml.git;a=commit;h=22a610b322e2178abd03e97cdbc8fb50b45efaee"
},
{
"url": "https://shibboleth.atlassian.net/browse/CPPOST-126"
},
{
"url": "https://lists.debian.org/debian-security-announce/2025/msg00041.html"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-31335",
"datePublished": "2025-03-28T00:00:00.000Z",
"dateReserved": "2025-03-28T00:00:00.000Z",
"dateUpdated": "2025-03-28T14:31:11.464Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
No mitigation information available for this CWE.
CAPEC-463: Padding Oracle Crypto Attack
An adversary is able to efficiently decrypt data without knowing the decryption key if a target system leaks data on whether or not a padding error happened while decrypting the ciphertext. A target system that leaks this type of information becomes the padding oracle and an adversary is able to make use of that oracle to efficiently decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). In addition to performing decryption, an adversary is also able to produce valid ciphertexts (i.e., perform encryption) by using the padding oracle, all without knowing the encryption key.
CAPEC-475: Signature Spoofing by Improper Validation
An adversary exploits a cryptographic weakness in the signature verification algorithm implementation to generate a valid signature without knowing the key.