CVE-2024-49364
Awaiting Analysis
BaseFortify

Publication date: 2025-07-01

Last updated on: 2025-07-03

Assigner: GitHub, Inc.

Description
tiny-secp256k1 is a tiny secp256k1 native/JS wrapper. Prior to version 1.1.7, a private key can be extracted on signing a malicious JSON-stringifiable object, when global Buffer is the buffer package. This affects only environments where require('buffer') is the NPM buffer package. The Buffer.isBuffer check can be bypassed, resulting in k reuse for different messages, leading to private key extraction over a single invalid message (and a second one for which any message/signature could be taken, e.g. previously known valid one). This issue has been patched in version 1.1.7.
Meta Information
Published: 2025-07-01
Last Modified: 2025-07-03
Generated: 2026-05-07
AI Q&A: 2025-07-01
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Currently, no data is known.
CWE ID: CWE-522
Description: The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2024-49364 is a critical vulnerability in the tiny-secp256k1 library versions up to 1.1.6. It allows an attacker to extract the full private key by signing a malicious JSON-stringifiable message in environments where the global Buffer object is provided by the 'buffer' package. The vulnerability occurs because the Buffer.isBuffer check can be bypassed, causing the reuse of the nonce (k) for different messages. This nonce reuse enables the attacker to recover the private key by comparing the signature of the malicious message with a previously known valid signature. The issue is fixed in version 1.1.7. [2]


How can this vulnerability impact me?

This vulnerability can lead to a full private key compromise if an attacker can trick the system into signing a maliciously crafted message. Once the private key is extracted, the attacker can impersonate the key owner, forge signatures, and perform unauthorized actions that rely on the compromised key. This is especially critical in cryptographic applications relying on tiny-secp256k1 for secure signing. [2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by identifying if your environment uses tiny-secp256k1 versions up to 1.1.6 and if the global Buffer object is provided by the 'buffer' package (common in browser bundles or React Native apps). Detection involves checking the version of tiny-secp256k1 installed and verifying if signing operations accept malicious JSON-stringifiable objects that could bypass Buffer.isBuffer checks. Specific commands to check the installed version include: `npm list tiny-secp256k1` or `yarn list tiny-secp256k1`. Additionally, monitoring signing operations for suspicious or malformed JSON-stringifiable inputs could help detect exploitation attempts. However, no explicit detection commands for the exploit itself are provided in the resources. [2]
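
As an added example (not taken from the advisory or from the tiny-secp256k1 project), the version check described above can be run against a parsed package-lock.json, for instance in CI, so that every resolved copy is listed with its path. The sample lockfile, its version numbers and the package name example-dep are constructed for illustration.

```javascript
// Added example (not project code): flag tiny-secp256k1 copies below the 1.1.7 fix.
const FIXED = [1, 1, 7];
const NM = 'node_modules/';

function isAffected(version) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(version));
  if (!m) return true; // unparsable: surface it for manual review
  const v = m.slice(1).map(Number);
  for (let i = 0; i < 3; i++) if (v[i] !== FIXED[i]) return v[i] < FIXED[i];
  return false; // exactly 1.1.7
}

// Handles lockfileVersion 2/3 ("packages" map) and 1 (nested "dependencies").
function listInstalled(lock) {
  const out = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const i = path.lastIndexOf(NM);
    if (i === -1) continue; // root project or workspace entry
    out.push({ path, name: path.slice(i + NM.length), version: meta.version });
  }
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${prefix}${NM}${name}`;
      out.push({ path, name, version: meta.version });
      walk(meta.dependencies, `${path}/`);
    }
  };
  if (!lock.packages) walk(lock.dependencies, '');
  return out;
}

function audit(lock) {
  const installed = listInstalled(lock);
  // Advisory precondition: Buffer is the npm "buffer" package. Its presence in
  // the lockfile is a hint, not proof that it is the global Buffer at runtime.
  return {
    affected: installed.filter((p) => p.name === 'tiny-secp256k1' && isAffected(p.version)),
    bufferPolyfill: installed.some((p) => p.name === 'buffer'),
  };
}

// Constructed sample lockfile; example-dep is a made-up package name.
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  '': { name: 'example-app', version: '0.0.0' },
  'node_modules/tiny-secp256k1': { version: '2.0.0' },
  'node_modules/example-dep/node_modules/tiny-secp256k1': { version: '1.1.6' },
  'node_modules/buffer': { version: '6.0.3' },
} };
console.log(JSON.stringify(audit(SAMPLE_LOCK), null, 2));
```

To check a real project, pass the result of JSON.parse on the contents of its package-lock.json to audit().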


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to upgrade tiny-secp256k1 to version 1.1.7 or later, where the vulnerability is patched. Alternatively, upgrading to version 2.x of tiny-secp256k1 also mitigates the issue, as it enforces inputs to be actual Uint8Array instances, preventing the Buffer.isBuffer bypass. Avoid signing untrusted or attacker-controlled JSON-stringifiable messages in affected environments. Applying these updates and avoiding risky signing operations will prevent private key extraction via this vulnerability. [1, 2]

