CVE-2023-33241

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Aug 9, 2023

Updated: Aug 25, 2023

CWE ID 74

Summary

CVE-2023-33241 is a vulnerability affecting crypto wallets that use the GG18 or GG20 Threshold Signature Scheme (TSS) protocol. An attacker can exploit this issue by injecting a malicious pallier key and manipulating range proofs, potentially extracting a full ECDSA private key from other parties. The success of the attack depends on specific beta parameters set in the protocol implementation, with some requiring as many as 16 signatures.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sSB2AF
https://www.cve.org/CVERecord?id=CVE-2023-33241
https://nvd.nist.gov/vuln/detail/CVE-2023-33241

Back to Vulnerability Database

CVE-2023-33241

CVSS 3.1 Score 9.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations