CVE-2024-0553
Published: 16 January 2024
Summary
CVE-2024-0553 is a high-severity Observable Discrepancy (CWE-203) vulnerability in Red Hat Enterprise Linux. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 22.3% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-16346
Vulnerability details
A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.
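The class of countermeasure this issue concerns, as an added example that is not GnuTLS code or its patch: a PKCS#1 v1.5 padding check without secret-dependent branches that substitutes a random premaster secret on bad padding, following the approach described in RFC 5246 section 7.4.7.1. The names `select_pms` and `demo_case`, the 64-byte sample block and the fixed fallback bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PMS_LEN 48 /* RSA-encrypted part of the RSA-PSK premaster secret */

/* 0xFF if x == 0, otherwise 0x00, with no data-dependent branch. */
static uint8_t ct_is_zero(uint8_t x) { return (uint8_t)(((uint32_t)x - 1u) >> 24); }

/* em = RSA decryption output (00 02 PS 00 M), em_len = public modulus size.
 * out receives M if the padding is well formed, otherwise the fallback (fresh
 * random bytes drawn before decryption). No status is returned to branch on. */
void select_pms(const uint8_t *em, size_t em_len,
                const uint8_t fallback[PMS_LEN], uint8_t out[PMS_LEN])
{
    if (em_len < PMS_LEN + 11) { /* public length, not secret data */
        memcpy(out, fallback, PMS_LEN);
        return;
    }
    size_t sep = em_len - PMS_LEN - 1; /* fixed index of the 0x00 separator */
    uint8_t good = ct_is_zero(em[0]) & ct_is_zero((uint8_t)(em[1] ^ 0x02)) & ct_is_zero(em[sep]);
    for (size_t i = 2; i < sep; i++) /* PS bytes must be non-zero; no early exit */
        good &= (uint8_t)~ct_is_zero(em[i]);
    for (size_t i = 0; i < PMS_LEN; i++) /* masked select instead of if/else */
        out[i] = (uint8_t)((em[sep + 1 + i] & good) | (fallback[i] & (uint8_t)~good));
}

/* Constructed 64-byte sample. corrupt: 0 valid, 1 wrong block type, 2 zero byte
 * in PS, 3 missing separator. Returns 1 if out == M, 0 if out == fallback, else -1. */
int demo_case(int corrupt)
{
    uint8_t em[64], fallback[PMS_LEN], out[PMS_LEN];
    memset(em, 0xAA, sizeof em); /* PS filler */
    em[0] = 0x00; em[1] = 0x02; em[15] = 0x00;
    for (int i = 0; i < PMS_LEN; i++) em[16 + i] = (uint8_t)i;
    memset(fallback, 0x5C, sizeof fallback); /* stands in for CSPRNG output */
    if (corrupt == 1) em[1] = 0x01;
    if (corrupt == 2) em[7] = 0x00;
    if (corrupt == 3) em[15] = 0x01;
    select_pms(em, sizeof em, fallback, out);
    if (memcmp(out, em + 16, PMS_LEN) == 0) return 1;
    return memcmp(out, fallback, PMS_LEN) == 0 ? 0 : -1;
}

int main(void)
{
    for (int c = 0; c <= 3; c++)
        printf("case %d -> %s\n", c, demo_case(c) == 1 ? "decrypted M" : "fallback");
    return 0;
}
```

A masked select only removes the discrepancy if the RSA decryption before it and every step after it also behave identically for both outcomes, so the compiled binary should be checked with timing measurements rather than trusted from source alone.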
Related Threats
MITRE ATT&CK Enterprise Techniques AI
Why these techniques?
CVE-2024-0553 enables remote timing side-channel attacks on RSA-PSK key exchanges in GnuTLS, leaking sensitive cryptographic data (e.g., PSKs). This facilitates T1190 (exploiting public-facing TLS services) and T1212 (exploitation yielding credential/key access).
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Misdirection can normalize or falsify responses to eliminate observable discrepancies that aid reconnaissance.
- Observable discrepancies in system behavior can be modulated to create covert storage or timing channels; the required analysis detects and constrains such avenues.
- Prevents attackers from using observable differences in error responses to infer internal system details or state.