
CVE-2024-36405

Medium

Published: 10 June 2024

Modified: 20 August 2025
CVSS v3.1 score: 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS score: 0.0045 (64.2nd percentile)
Risk Priority: 12 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-36405 is a medium-severity Observable Timing Discrepancy (CWE-208) vulnerability in Open Quantum Safe liboqs. Its CVSS base score is 5.9 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Credential Access (T1212). The CVE ranks in the top 35.8% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.


Vulnerability details

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A control-flow timing leak has been identified in the reference implementation of the Kyber key encapsulation mechanism when it is compiled with Clang 15-18 for `-Os`, `-O1`, and other compilation options. A proof-of-concept local attack on the reference implementation leaks the entire ML-KEM 512 secret key in ~10 minutes using end-to-end decapsulation timing measurements. The issue has been fixed in version 0.10.1. As a possible workaround, some compiler options may produce vectorized code that does not leak secret information; however, relying on these compiler options as a workaround may not be reliable.
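The advisory describes a control-flow timing leak: code written to run in constant time was compiled into data-dependent branches, so decapsulation time depended on secret-derived values. The block below is an added illustration for this page, not liboqs's code and not the specific function that was fixed. It shows the pattern at the tail of a Kyber/ML-KEM-style decapsulation (compare the re-encrypted ciphertext with the received one, then select either the real shared secret or the implicit-rejection value) written once with an early-exit compare that leaks, and once with mask arithmetic plus an optimisation barrier so the compiler cannot reintroduce a branch. All names (`value_barrier_u8`, `ct_verify`, `ct_cmov`, `decaps_select`, the selftests) and the sample byte arrays are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustrative code written for this page, not liboqs's implementation.
 * Names (value_barrier_u8, ct_verify, ct_cmov, decaps_select) are made up.
 * The final step of a Kyber/ML-KEM-style decapsulation compares the
 * re-encrypted ciphertext with the received one and, on mismatch, hands
 * back an implicit-rejection value instead of the real shared secret.
 * Both the compare and the select must take the same time for every input. */

/* Optimisation barrier: the empty asm makes the compiler treat x as
 * modified, so it cannot prove the mask below is 0 or 0xFF and replace
 * the mask arithmetic with a conditional branch (the kind of control-flow
 * leak the advisory above attributes to Clang at -Os/-O1). */
static inline uint8_t value_barrier_u8(uint8_t x) {
#if defined(__GNUC__) || defined(__clang__)
    __asm__("" : "+r"(x));
#endif
    return x;
}

/* Leaky compare (CWE-208): returns at the first differing byte, so the
 * running time encodes how many leading bytes matched. */
int leaky_verify(const uint8_t *a, const uint8_t *b, size_t len) {
    for (size_t i = 0; i < len; i++)
        if (a[i] != b[i]) return 1;
    return 0;
}

/* Constant-time compare: every byte is touched, differences are
 * OR-accumulated, and the result is folded to 0 (equal) or 1 (differ)
 * with arithmetic rather than a conditional. */
int ct_verify(const uint8_t *a, const uint8_t *b, size_t len) {
    uint8_t acc = 0;
    for (size_t i = 0; i < len; i++)
        acc |= (uint8_t)(a[i] ^ b[i]);
    acc = value_barrier_u8(acc);
    return (int)((-(uint64_t)acc) >> 63);
}

/* Constant-time conditional move: r = x if b == 1, unchanged if b == 0.
 * b is expanded to a full byte mask so no branch depends on it. */
void ct_cmov(uint8_t *r, const uint8_t *x, size_t len, uint8_t b) {
    uint8_t mask = value_barrier_u8((uint8_t)(-b));
    for (size_t i = 0; i < len; i++)
        r[i] ^= mask & (r[i] ^ x[i]);
}

/* Decapsulation tail: copy the real secret, then overwrite it with the
 * rejection value only when the ciphertexts differ. Returns the verify
 * result (0 = accepted, 1 = implicit rejection). */
int decaps_select(uint8_t *out, size_t ss_len,
                  const uint8_t *shared_secret, const uint8_t *reject_value,
                  const uint8_t *ct_received, const uint8_t *ct_recomputed,
                  size_t ct_len) {
    int fail = ct_verify(ct_received, ct_recomputed, ct_len);
    memcpy(out, shared_secret, ss_len);
    ct_cmov(out, reject_value, ss_len, (uint8_t)fail);
    return fail;
}

/* Constructed sample data (not real Kyber values). */
static const uint8_t SS[4]  = {0x11, 0x22, 0x33, 0x44};
static const uint8_t REJ[4] = {0xaa, 0xbb, 0xcc, 0xdd};
static const uint8_t CT[8]  = {1, 2, 3, 4, 5, 6, 7, 8};

/* Returns 1 when a matching ciphertext yields the real shared secret. */
int selftest_accept(void) {
    uint8_t out[4];
    int fail = decaps_select(out, 4, SS, REJ, CT, CT, 8);
    return fail == 0 && memcmp(out, SS, 4) == 0;
}

/* Returns 1 when a ciphertext differing only in its last byte yields the
 * rejection value. The leaky compare runs longest on exactly this input;
 * the constant-time one takes the same time as for any other mismatch. */
int selftest_reject(void) {
    uint8_t ct_bad[8];
    uint8_t out[4];
    memcpy(ct_bad, CT, 8);
    ct_bad[7] ^= 0x01;
    int fail = decaps_select(out, 4, SS, REJ, CT, ct_bad, 8);
    return fail == 1 && memcmp(out, REJ, 4) == 0
        && leaky_verify(CT, ct_bad, 8) == 1;
}

int main(void) {
    printf("accept path ok: %d\n", selftest_accept());
    printf("reject path ok: %d\n", selftest_reject());
    return 0;
}
```

The barrier is the point of the example: mask-based code is only constant-time if the compiler keeps it that way, and the advisory's workaround note (rely on vectorising compiler options) is unreliable precisely because it leaves that decision to the optimiser. Checking the emitted assembly for conditional jumps in the verify and cmov paths, or running a timing-leak detector over decapsulation with mismatched ciphertexts, is how a maintainer confirms the property after each compiler upgrade.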


Related Threats

MITRE ATT&CK Enterprise Techniques

T1212 Exploitation for Credential Access (tactic: Credential Access)
Adversaries may exploit software vulnerabilities in an attempt to collect credentials.
Why these techniques?

The side-channel timing vulnerability in liboqs Kyber KEM enables local attackers to exploit the implementation and recover secret keys via decapsulation timing measurements, mapping to Exploitation for Credential Access.

Affected Assets

openquantumsafe liboqs, versions ≤ 0.10.1

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses CWE-385, CWE-208: directly targets covert timing channels by requiring identification and bandwidth estimation, enabling mitigation that reduces or eliminates their usability.

Addresses CWE-208: timing randomization or delays can mask true operation timing and mislead timing-based attacks.
