CVE-2023-24011
Published: 09 January 2025
Description
An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and gain full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate validation. This is caused by a non-compliant implementation of permission document verification used by some DDS vendors, specifically an improper use of the OpenSSL PKCS7_verify function, which is used to validate S/MIME signatures.
Security Summary
CVE-2023-24011 is a vulnerability arising from a non-compliant implementation of permission document verification used by some DDS vendors, specifically improper use of the OpenSSL PKCS7_verify function for validating S/MIME signatures. It affects secure DDS databus systems and is exploited through vulnerable attributes in the configuration of PKCS#7 certificate validation. Impacted components include DDS Participants and ROS 2 Nodes that rely on these mechanisms.
The attack scenario involves an unauthenticated attacker over the network (AV:N/AC:L/PR:N) crafting malicious DDS Participants or ROS 2 Nodes equipped with valid certificates. Successful exploitation grants full control over the targeted secure DDS databus system. The CVSS v3.1 score is 8.2 (C:H/I:N/A:L/S:U); the impact is primarily exposure of sensitive information (CWE-200), with limited availability impact.
Advisories and related discussions are available at https://gist.github.com/vmayoral/235c02d0b0ef85a29812eff6980ff80d and https://github.com/ros2/sros2/issues/282, which provide further details on the issue in the context of DDS and ROS 2 implementations.
Details
- CWE(s)