4.7

CVSS Score

3.1

Basic Information

CVE ID

CVE-2019-13628

GHSA ID

GHSA-q95h-vc86-hv77

EPSS Score

0.35744%

CWE

CWE-203

Published

5/24/2022

Updated

9/25/2023

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2019-13628

CVE-2019-13628: wolfCrypt leaks cryptographic information via timing side channel

wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --enable-fpecc, --enable-sp, or --enable-sp-math) contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to precisely measure the duration of signature operations, to infer information about the nonces used and potentially mount a lattice attack to recover the private key used. The issue occurs because ecc.c scalar multiplication might leak the bit length.

(GitHub Advisory)

4.7

CVSS Score

3.1

Basic Information

CVE ID

CVE-2019-13628

GHSA ID

GHSA-q95h-vc86-hv77

EPSS Score

0.35744%

CWE

CWE-203

Published

5/24/2022

Updated

9/25/2023

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
wolfcrypt	pip	<= 4.0.0	4.1.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from non-constant-time scalar multiplication in ECDSA signature generation. wc_ecc_sign_hash is the entry point for signing, and ecc_mulmod implements the vulnerable multiplication. The advisory explicitly links the leak to ecc.c's scalar multiplication when secure configurations are disabled. These functions are central to the ECDSA process and match the described attack vector (bit-length leakage during scalar multiplication).

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

wol*SSL *n* wol**rypt *.*.* *n* **rli*r (w**n *on*i*ur** wit*out `--*n**l*-*p***`, `--*n**l*-sp`, or` --*n**l*-sp-m*t*`) *ont*in * timin* si** ***nn*l in ***S* si*n*tur* **n*r*tion. T*is *llows * lo**l *tt**k*r, **l* to pr**is*ly m**sur* t** *ur*tion

Reasoning

T** vuln*r**ility st*ms *rom non-*onst*nt-tim* s**l*r multipli**tion in ***S* si*n*tur* **n*r*tion. w*_***_si*n_**s* is t** *ntry point *or si*nin*, *n* ***_mulmo* impl*m*nts t** vuln*r**l* multipli**tion. T** **visory *xpli*itly links t** l**k to **

4.7

Basic Information

Concerned about an active attack path?

CVE-2019-13628: wolfCrypt leaks cryptographic information via timing side channel

4.7

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI