CVE-2023-24012
Published: 09 January 2025
Description
An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate validation. This is caused by a non-compliant implementation of permission document verification used by some DDS vendors, specifically an improper use of the OpenSSL PKCS7_verify function to validate S/MIME signatures.
Security Summary
CVE-2023-24012 is a vulnerability in the validation of PKCS#7 certificates within secure DDS databus systems. It affects DDS Participants or ROS 2 Nodes in implementations by some DDS vendors that employ a non-compliant permission document verification process. The issue stems from an improper use of the OpenSSL PKCS7_verify function when validating S/MIME signatures, allowing exploitation of vulnerable attributes in certificate configurations. The vulnerability carries a CVSS score of 8.2 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L) and maps to CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). It was published on 2025-01-09T15:15:11.810.
A remote attacker requires no privileges or user interaction to exploit this vulnerability over the network with low complexity. By arbitrarily crafting malicious DDS Participants or ROS 2 Nodes equipped with valid certificates, the attacker can compromise the targeted secure DDS databus system and gain full control over it. This results in high-impact confidentiality loss, such as exposure of sensitive data, alongside low-impact availability disruption.
Advisories and discussions are documented in references including a GitHub issue at https://github.com/ros2/sros2/issues/282 and technical gists at https://gist.github.com/vmayoral/235c02d0b0ef85a29812eff6980ff80d.
Details
- CWE(s)