CVE-2026-3192

MediumPublic PoC

Published: 25 February 2026

Published

25 February 2026

Modified

05 March 2026

KEV Added

—

Patch

—

CVSS Score 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS Score 0.0028 51.1th percentile

Risk Priority 11 60% EPSS · 20% KEV · 20% CVSS

Description

A security vulnerability has been detected in Chia Blockchain 2.1.0. This issue affects the function _authenticate of the file rpc_server_base.py of the component RPC Credential Handler. The manipulation leads to improper authentication. The attack is possible to be carried out…

remotely. The attack is considered to have high complexity. The exploitability is assessed as difficult. The exploit has been disclosed publicly and may be used. The vendor was informed early via email. A separate report via bugbounty was rejected with the reason "This is by design. The user is responsible for host security".

Mitigating Controls (NIST 800-53 r5)AI

IA-8 Identification and Authentication (Non-organizational Users) good match

prevent

Requires identification and authentication for non-organizational users or processes, directly mitigating the improper authentication bypass in the RPC Credential Handler accessible remotely by unauthenticated attackers.

SC-7 Boundary Protection good match

prevent

Monitors and controls communications at external boundaries, preventing remote exploitation of the RPC authentication vulnerability by blocking unauthorized network access to the endpoint.

AC-17 Remote Access good match

prevent

Authorizes and manages remote access mechanisms, reducing exposure of the vulnerable RPC server to high-complexity remote attacks.

Security SummaryAI

CVE-2026-3192 is an improper authentication vulnerability affecting Chia Blockchain version 2.1.0, specifically in the _authenticate function within the rpc_server_base.py file of the RPC Credential Handler component. This flaw, mapped to CWE-287 (Improper Authentication) and CWE-306 (Missing Authentication for Critical Function), allows manipulation leading to authentication bypass. It carries a CVSS v3.1 base score of 5.6 (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L), indicating network accessibility but high attack complexity.

The vulnerability can be exploited remotely by unauthenticated attackers (PR:N) over the network, though it requires high complexity and is assessed as difficult to exploit. Successful exploitation enables limited impacts on confidentiality, integrity, and availability (C:L/I:L/A:L), potentially allowing unauthorized access to RPC functions. A proof-of-concept exploit has been publicly disclosed and may be usable.

Advisories from VulDB (ctiid.347748 and id.347748) document the issue, with a GitHub repository (Danimlzg/chia-rpc-auth-bypass.git) providing exploit code. The vendor was notified early via email and a bug bounty report, but rejected remediation, stating it is "by design" and that users are responsible for host security; no patches or mitigations are mentioned.

Details

CWE(s): CWE-287 CWE-306

Affected Products

chia

blockchain

2.1.0

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

The vulnerability is an authentication bypass in a network-accessible RPC server component, directly enabling exploitation of a public-facing application for unauthorized access.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://github.com/Danimlzg/chia-rpc-auth-bypass.git
Exploit, Third Party Advisory · cna@vuldb.com
https://vuldb.com/?ctiid.347748
Permissions Required, VDB Entry · cna@vuldb.com
https://vuldb.com/?id.347748
Third Party Advisory, VDB Entry · cna@vuldb.com