Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Szafir SDK by Krajowa Izba Rozliczeniowa

    CVE-2026-9058 (GCVE-0-2026-9058)

    Vulnerability from nvd – Published: 2026-05-25 13:23 – Updated: 2026-05-26 15:58
    VLAI
    Title
    Improper Certificate Verification in Szafir SDK
    Summary
    Szafir SDK returns a success status code from the cryptographic digital signature verification process (i.e. /VerifyingTaskItem/Signature/VerificationResult/Result/@code == 0, "Positively verified") even when the trust status of the signer's certificate could not be established (i.e. /VerifyingTaskItem/Signature/VerificationResult/SigningCertificate/@certificateType == "nondetermined"). This causes consuming applications to incorrectly treat the signature as valid despite an unverified certificate chain, enabling authentication bypass and user impersonation. This issue was fixed in version 463.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-637 - Unnecessary Complexity in Protection Mechanism (Not Using 'Economy of Mechanism')
    • CWE-393 - Return of Wrong Status Code
    Assigner
    References
    Impacted products
    Vendor Product Version
    Krajowa Izba Rozliczeniowa Szafir SDK Affected: 0 , < 463 (custom)
    Create a notification for this product.
    Credits
    Michał Leszczyński (icedev.pl)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9058",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-26T15:57:55.171237Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-26T15:58:01.602Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Szafir SDK",
              "vendor": "Krajowa Izba Rozliczeniowa",
              "versions": [
                {
                  "lessThan": "463",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Micha\u0142 Leszczy\u0144ski (icedev.pl)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSzafir SDK returns a success status code from the cryptographic digital signature verification process (i.e. \u003ci\u003e/VerifyingTaskItem/Signature/VerificationResult/Result/@code == 0,\u003c/i\u003e \"Positively verified\") even when the trust status of the signer\u0027s certificate could not be established (i.e. \u003ci\u003e/VerifyingTaskItem/Signature/VerificationResult/SigningCertificate/@certificateType == \"nondetermined\")\u003c/i\u003e. This causes consuming applications to incorrectly treat the signature as valid despite an unverified certificate chain, enabling authentication bypass and user impersonation.\u003cbr\u003e\u003c/span\u003e\u003cbr\u003eThis issue was fixed in version \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e463\u003c/span\u003e."
                }
              ],
              "value": "Szafir SDK returns a success status code from the cryptographic digital signature verification process (i.e. /VerifyingTaskItem/Signature/VerificationResult/Result/@code == 0, \"Positively verified\") even when the trust status of the signer\u0027s certificate could not be established (i.e. /VerifyingTaskItem/Signature/VerificationResult/SigningCertificate/@certificateType == \"nondetermined\"). This causes consuming applications to incorrectly treat the signature as valid despite an unverified certificate chain, enabling authentication bypass and user impersonation.\n\nThis issue was fixed in version 463."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-637",
                  "description": "CWE-637 Unnecessary Complexity in Protection Mechanism (Not Using \u0027Economy of Mechanism\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-393",
                  "description": "CWE-393: Return of Wrong Status Code",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-25T13:23:09.157Z",
            "orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
            "shortName": "CERT-PL"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://cert.pl/posts/2026/05/CVE-2026-9058"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.elektronicznypodpis.pl/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Improper Certificate Verification in Szafir SDK",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
        "assignerShortName": "CERT-PL",
        "cveId": "CVE-2026-9058",
        "datePublished": "2026-05-25T13:23:09.157Z",
        "dateReserved": "2026-05-20T06:36:10.929Z",
        "dateUpdated": "2026-05-26T15:58:01.602Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9058 (GCVE-0-2026-9058)

    Vulnerability from cvelistv5 – Published: 2026-05-25 13:23 – Updated: 2026-05-26 15:58
    VLAI
    Title
    Improper Certificate Verification in Szafir SDK
    Summary
    Szafir SDK returns a success status code from the cryptographic digital signature verification process (i.e. /VerifyingTaskItem/Signature/VerificationResult/Result/@code == 0, "Positively verified") even when the trust status of the signer's certificate could not be established (i.e. /VerifyingTaskItem/Signature/VerificationResult/SigningCertificate/@certificateType == "nondetermined"). This causes consuming applications to incorrectly treat the signature as valid despite an unverified certificate chain, enabling authentication bypass and user impersonation. This issue was fixed in version 463.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-637 - Unnecessary Complexity in Protection Mechanism (Not Using 'Economy of Mechanism')
    • CWE-393 - Return of Wrong Status Code
    Assigner
    References
    Impacted products
    Vendor Product Version
    Krajowa Izba Rozliczeniowa Szafir SDK Affected: 0 , < 463 (custom)
    Create a notification for this product.
    Credits
    Michał Leszczyński (icedev.pl)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9058",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-26T15:57:55.171237Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-26T15:58:01.602Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Szafir SDK",
              "vendor": "Krajowa Izba Rozliczeniowa",
              "versions": [
                {
                  "lessThan": "463",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Micha\u0142 Leszczy\u0144ski (icedev.pl)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSzafir SDK returns a success status code from the cryptographic digital signature verification process (i.e. \u003ci\u003e/VerifyingTaskItem/Signature/VerificationResult/Result/@code == 0,\u003c/i\u003e \"Positively verified\") even when the trust status of the signer\u0027s certificate could not be established (i.e. \u003ci\u003e/VerifyingTaskItem/Signature/VerificationResult/SigningCertificate/@certificateType == \"nondetermined\")\u003c/i\u003e. This causes consuming applications to incorrectly treat the signature as valid despite an unverified certificate chain, enabling authentication bypass and user impersonation.\u003cbr\u003e\u003c/span\u003e\u003cbr\u003eThis issue was fixed in version \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e463\u003c/span\u003e."
                }
              ],
              "value": "Szafir SDK returns a success status code from the cryptographic digital signature verification process (i.e. /VerifyingTaskItem/Signature/VerificationResult/Result/@code == 0, \"Positively verified\") even when the trust status of the signer\u0027s certificate could not be established (i.e. /VerifyingTaskItem/Signature/VerificationResult/SigningCertificate/@certificateType == \"nondetermined\"). This causes consuming applications to incorrectly treat the signature as valid despite an unverified certificate chain, enabling authentication bypass and user impersonation.\n\nThis issue was fixed in version 463."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.3,
                "baseSeverity": "CRITICAL",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-637",
                  "description": "CWE-637 Unnecessary Complexity in Protection Mechanism (Not Using \u0027Economy of Mechanism\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-393",
                  "description": "CWE-393: Return of Wrong Status Code",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-25T13:23:09.157Z",
            "orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
            "shortName": "CERT-PL"
          },
          "references": [
            {
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://cert.pl/posts/2026/05/CVE-2026-9058"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.elektronicznypodpis.pl/"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Improper Certificate Verification in Szafir SDK",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
        "assignerShortName": "CERT-PL",
        "cveId": "CVE-2026-9058",
        "datePublished": "2026-05-25T13:23:09.157Z",
        "dateReserved": "2026-05-20T06:36:10.929Z",
        "dateUpdated": "2026-05-26T15:58:01.602Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }