CVE-2025-13470
BaseFortify
Publication date: 2025-11-21
Last updated on: 2025-11-21
Assigner: Ribose Limited
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| rnp | rnp | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-330 | The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
In RNP version 0.18.0, a refactoring regression caused the symmetric session key used for Public-Key Encrypted Session Key (PKESK) packets to be left uninitialized except for zeroing, resulting in it always being an all-zero byte array. This means that any data encrypted using public-key encryption in this release can be decrypted trivially by supplying an all-zero session key, fully compromising confidentiality. The vulnerability only affects public key encryption (PKESK packets) and not passphrase-based encryption (SKESK packets).
How can this vulnerability impact me? :
This vulnerability allows an attacker to trivially decrypt any data encrypted using public-key encryption in the affected RNP version by using an all-zero session key. This fully compromises the confidentiality of the encrypted data, meaning sensitive information can be exposed without requiring the original encryption keys or passphrases.