CVE-2026-4603
Division by Zero in jsrsasign RSA Key Parsing Causes Verification Bypass

Publication date: 2026-03-23

Last updated on: 2026-04-29

Assigner: Snyk

Description
Versions of the package jsrsasign before 11.1.1 are vulnerable to Division by Zero due to the RSASetPublic/KEYUTIL parsing path in ext/rsa.js and the BigInteger.modPowInt reduction logic in ext/jsbn.js. An attacker can force RSA public-key operations (e.g., verify and encryption) to collapse to deterministic zero outputs and hide “invalid key” errors by supplying a JWK whose modulus decodes to zero.
Meta Information
Published: 2026-03-23
Last Modified: 2026-04-29
Generated: 2026-05-27
AI Q&A: 2026-03-23
EPSS Evaluated: 2026-05-25
Affected Vendors & Products
Vendor: jsrsasign_project
Product: jsrsasign
Version / Range: up to 11.1.1 (11.1.1 excluded)
CWE
CWE-369: The product divides a value by zero.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-4603 is a vulnerability in the jsrsasign library versions before 11.1.1 that affects RSA public key handling. The issue arises because the library accepts RSA public keys whose modulus decodes to zero, due to insufficient validation during key parsing and silent handling of division by zero in BigInteger arithmetic.

Specifically, the RSASetPublic function only checked that the modulus string length was greater than zero, not its numeric value, allowing a zero modulus to be accepted. Additionally, the BigInteger.modPowInt function silently returned zero when performing modular exponentiation with a zero modulus instead of throwing an error.

As a result, RSA operations such as signature verification and encryption degenerate into deterministic zero outputs, hiding invalid key errors and causing cryptographic operations to fail silently or produce invalid results.


How can this vulnerability impact me?

This vulnerability can impact applications that import RSA public keys from untrusted sources without proper validation. An attacker can supply a malformed RSA public key with a zero modulus, causing RSA operations to produce constant zero outputs.

  • Signature verification may fail silently, returning false without explicit errors.
  • Encryption operations may produce outputs independent of the plaintext, undermining confidentiality.
  • The malformed key is not rejected at import time, causing ambiguity between invalid keys and normal cryptographic failures.
  • This can lead to security boundary confusion, robustness issues, and potential key-substitution attacks.

How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking if your system or application is using a vulnerable version of the jsrsasign library (versions before 11.1.1) that accepts RSA public keys with a zero modulus.

Specifically, detection involves verifying whether RSA public keys imported from JSON Web Keys (JWK) have a modulus that decodes to zero (e.g., base64url "AA" which decodes to 0x00).

Since the vulnerability arises from accepting zero-modulus keys without error, you can test your system by attempting to import a JWK with a zero modulus and observing if it is accepted or rejected.

  • Create a JWK with modulus `n` set to "AA" (base64url for 0x00) and exponent `e` set to "AQAB" (65537).
  • Use your application's key import function (e.g., `KEYUTIL.getKey()`) to import this JWK.
  • If the key is accepted without error, the system is vulnerable.
  • Additionally, test RSA operations such as signature verification or encryption with this key; vulnerable systems will produce deterministic zero outputs or fail silently.

There are no specific network commands provided in the resources, but detection focuses on verifying the jsrsasign library version and testing key import behavior with crafted zero-modulus JWKs. [1, 3]


What immediate steps should I take to mitigate this vulnerability?

The immediate and recommended mitigation is to upgrade the jsrsasign library to version 11.1.1 or later, where this vulnerability has been fixed.

The fix includes enhanced validation in the RSA key import functions to reject RSA public keys with zero or invalid modulus values and modifications to the BigInteger arithmetic to throw errors on division by zero.

  • Upgrade jsrsasign to version 11.1.1 or newer.
  • Ensure that your application rejects RSA public keys with modulus less than or equal to 1 during import.
  • Verify that your cryptographic operations throw errors on invalid keys rather than silently producing zero or invalid outputs.

If upgrading immediately is not possible, implement additional validation on RSA public keys before importing them, ensuring the modulus is a positive integer greater than 1.
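The following Node.js snippet is an added example, not code from jsrsasign or from the advisory. It implements the pre-import validation described in the detection and mitigation answers above: the JWK's `n` and `e` are base64url-decoded into BigInts and the key is rejected unless the modulus is an odd integer greater than 1 of at least a configurable bit length, so the zero-modulus key (`"n": "AA"`) is refused before it ever reaches the library. `importValidatedRsaJwk`, `validateRsaJwk`, the `importFn` callback and the 2048-bit minimum are this example's own names and policy choices, not jsrsasign API; it assumes a Node.js `Buffer` that supports the `'base64url'` encoding.

```javascript
// Added example (not jsrsasign code): validate an RSA JWK before handing it to a
// key-import function such as KEYUTIL.getKey(). Assumes Node.js with Buffer
// 'base64url' support. Rejects any modulus that is not an odd integer > 1 of at
// least minBits bits, which covers the zero-modulus ("n": "AA") case.

function base64urlToBigInt(field) {
  if (typeof field !== 'string' || !/^[A-Za-z0-9_-]*$/.test(field)) {
    throw new TypeError('JWK field is not unpadded base64url');
  }
  const bytes = Buffer.from(field, 'base64url');
  // An empty string and a string of zero bytes ("AA") both decode to 0n.
  return bytes.length === 0 ? 0n : BigInt('0x' + bytes.toString('hex'));
}

function bigIntToBase64url(value) {
  let hex = value.toString(16);
  if (hex.length % 2 === 1) hex = '0' + hex;
  return Buffer.from(hex, 'hex').toString('base64url');
}

// Deployment policy for this example, not a library constant.
const DEFAULT_MIN_MODULUS_BITS = 2048;

function validateRsaJwk(jwk, minBits = DEFAULT_MIN_MODULUS_BITS) {
  if (!jwk || jwk.kty !== 'RSA') return { ok: false, reason: 'kty is not RSA' };
  let n, e;
  try {
    n = base64urlToBigInt(jwk.n);
    e = base64urlToBigInt(jwk.e);
  } catch (err) {
    return { ok: false, reason: err.message };
  }
  // Numeric checks, not string-length checks: "AA" has length 2 but value 0.
  if (n <= 1n) return { ok: false, reason: 'modulus must be greater than 1' };
  if ((n & 1n) === 0n) return { ok: false, reason: 'modulus must be odd' };
  const bits = n.toString(2).length;
  if (bits < minBits) {
    return { ok: false, reason: `modulus is ${bits} bits, minimum is ${minBits}` };
  }
  if (e <= 1n || (e & 1n) === 0n) {
    return { ok: false, reason: 'public exponent must be an odd integer greater than 1' };
  }
  return { ok: true, bits };
}

// Wrap the real import so a malformed key is rejected with an explicit error
// instead of silently becoming a key whose operations all produce zero.
// importFn is supplied by the caller (for example, jwk => KEYUTIL.getKey(jwk)).
function importValidatedRsaJwk(jwk, importFn, minBits) {
  const result = validateRsaJwk(jwk, minBits);
  if (!result.ok) throw new Error(`rejected RSA JWK: ${result.reason}`);
  return importFn(jwk);
}

// Demo with constructed inputs: the crafted zero-modulus JWK from the detection
// answer, and a constructed 2048-bit odd modulus (not a real RSA key).
const zeroModulusJwk = { kty: 'RSA', n: 'AA', e: 'AQAB' };
const constructedJwk = { kty: 'RSA', n: bigIntToBase64url((1n << 2047n) + 1n), e: 'AQAB' };
console.log('zero modulus:', validateRsaJwk(zeroModulusJwk));
console.log('2048-bit modulus:', validateRsaJwk(constructedJwk));
```

Call `importValidatedRsaJwk(jwk, k => KEYUTIL.getKey(k))` wherever the application currently calls the import directly; the validation runs on the decoded numeric values, so a modulus of zero is caught regardless of how many base64url characters encode it.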

