{"vulnerability": "cve-2021-36647", "sightings": [{"uuid": "40f7732f-423c-4680-a6c7-3082f7198fff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-36647", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11007", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-36647\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Use of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) to recover the private keys used in RSA.\n\ud83d\udccf Published: 2023-01-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-08T20:31:32.007Z\n\ud83d\udd17 References:\n1. https://kouzili.com/Load-Step.pdf\n2. https://github.com/ARMmbed/mbedtls/releases/\n3. https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-07-1", "creation_timestamp": "2025-04-08T20:46:53.000000Z"}, {"uuid": "b576c6f3-9b46-4f1a-b339-7b72b8666f4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-36647", "type": "seen", "source": "https://t.me/cibsecurity/56623", "content": "\u203c CVE-2021-36647 \u203c\n\nUse of a Broken or Risky Cryptographic Algorithm in the function mbedtls_mpi_exp_mod() in lignum.c in Mbed TLS Mbed TLS all versions before 3.0.0, 2.27.0 or 2.16.11 allows attackers with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) to recover the private keys used in RSA.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T00:15:23.000000Z"}]}