CVE-2025-13470
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-11-21

Last updated on: 2025-11-21

Assigner: Ribose Limited

Description
In RNP version 0.18.0 a refactoring regression causes the symmetric session key used for Public-Key Encrypted Session Key (PKESK) packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. Any data encrypted using public-key encryption in this release can be decrypted trivially by supplying an all-zero session key, fully compromising confidentiality. The vulnerability affects only public key encryption (PKESK packets).Β  Passphrase-based encryption (SKESK packets) is not affected. Root cause: Vulnerable session key buffer used in PKESK packet generation. The defect was introduced in commit `7bd9a8dc356aae756b40755be76d36205b6b161a` where initialization logic inside `encrypted_build_skesk()` only randomized the key for the SKESK path and omitted it for the PKESK path.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-11-21
Last Modified
2025-11-21
Generated
2026-06-16
AI Q&A
2025-11-21
EPSS Evaluated
2026-06-15
NVD
CVE-2025-13470
EUVD
EUVD-2025-198494
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
rnp rnp *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-330 The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

In RNP version 0.18.0, a refactoring regression caused the symmetric session key used for Public-Key Encrypted Session Key (PKESK) packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. This means that any data encrypted using public-key encryption in this release can be decrypted trivially by supplying an all-zero session key, fully compromising confidentiality. The vulnerability only affects public key encryption (PKESK packets) and not passphrase-based encryption (SKESK packets).

Impact Analysis

This vulnerability allows an attacker to trivially decrypt any data encrypted using public-key encryption in the affected RNP version by using an all-zero session key. This fully compromises the confidentiality of the encrypted data, meaning sensitive information can be exposed without requiring the original encryption keys or passphrases.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-13470. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart