CVE-2025-27587
BaseFortify
Publication date: 2025-06-16
Last updated on: 2025-06-26
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-385 | Covert timing channels convey information by modulating some aspect of system behavior over time, so that the program receiving the information can observe system behavior and infer protected information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects OpenSSL versions 3.0.0 through 3.3.2 on the PowerPC architecture. It is a side-channel attack called the Minerva attack, where an attacker measures the time taken to sign random messages using the EVP_DigestSign API. By analyzing the timing differences, the attacker can extract the private key's nonce (K value) from the signatures. The attack exploits a timing side-channel in the P-364 curve, allowing private key extraction based on statistical tests comparing signing times of different nonce sizes. However, this attack requires the attacker to run a process on the same physical system, making detection of the timing signal infeasible otherwise.
How can this vulnerability impact me? :
If exploited, this vulnerability can lead to the extraction of private cryptographic keys used in OpenSSL on affected systems. This compromises the confidentiality and integrity of cryptographic operations, potentially allowing attackers to forge signatures or decrypt sensitive data. However, exploitation requires the attacker to have the capability to run code on the same physical system, limiting the practical impact to scenarios where local access or co-residency is possible.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability is a side-channel attack that requires measuring the timing of signing operations on the same physical system where the vulnerable OpenSSL version is running. The timing differences are very small and infeasible to detect remotely or on a network. Detection would require running an attacking process locally to measure signing times using the EVP_DigestSign API and performing statistical analysis on the nonce sizes. There are no specific commands provided to detect this vulnerability on a network or system remotely.
What immediate steps should I take to mitigate this vulnerability?
Since the vulnerability is a side-channel attack that requires local access and running an attacking process on the same physical system, immediate mitigation steps include restricting untrusted local access to the system and ensuring that only trusted processes can perform signing operations. Additionally, updating OpenSSL to a version later than 3.3.2 (if available) or applying any vendor patches addressing this issue would be recommended. Note that the OpenSSL security policy considers such side channels outside the threat model, so mitigation may focus on system access controls.