CVE-2017-13099

HIGH

Wolfssl < 3.12.2 - Information Disclosure

Title source: rule

Description

wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."

References (6)

[Third Party Advisory] http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt

[Issue Tracking, Mitigation, Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/144389

[Issue Tracking, Mitigation, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/102174

[Third Party Advisory] https://cert-portal.siemens.com/productcert/pdf/ssa-464260.pdf

[Issue Tracking, Patch, Third Party Advisory] https://github.com/wolfSSL/wolfssl/pull/1229

[Issue Tracking, Third Party Advisory] https://robotattack.org/

Scores

CVSS v3 7.5

EPSS 0.7871

EPSS Percentile 99.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-203

Status published

Products (4)

arubanetworks/instant < 6.5.4.6

siemens/scalance_w1750d_firmware < 8.3.0.1

wolfssl/wolfssl < 3.12.2

wolfSSL/wolfSSL <3.12.2

Published Dec 13, 2017

Tracked Since Feb 18, 2026