CVE-2019-13132

CRITICAL

ZeroMQ libzmq < 4.0.9, 4.1.x < 4.1.7, 4.2.x < 4.3.2 - Unauthenticated Stack Overflow via CURVE Encryption/Authentication

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-13132. PoCs published by dinosn.

AI-analyzed exploit summary: This repository contains a fully functional exploit for CVE-2019-13132, a stack buffer overflow in libzmq's CURVE INITIATE handshake handler. The exploit includes a Dockerized lab environment, a Python-based exploit script, and detailed technical documentation explaining the vulnerability and exploitation process.

Description

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations.

Exploits (1)

nomisec WORKING POC
by dinosn · poc
https://github.com/dinosn/cve-2019-13132-lab

Classification
Working PoC (100%)
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: libzmq ≤ 4.3.1
No auth needed
Prerequisites: server's long-term public key
devstral-2 · analyzed May 19, 2026

References (15)

Core References
http://www.openwall.com/lists/oss-security/2019/07/08/6 (Mailing List, Release Notes, Third Party Advisory; mailing-list)
https://lists.debian.org/debian-lts-announce/2019/07/msg00007.html (Mailing List, Third Party Advisory; mailing-list)
https://usn.ubuntu.com/4050-1/ (Third Party Advisory; vendor-advisory)
https://www.debian.org/security/2019/dsa-4477 (Third Party Advisory; vendor-advisory)
https://seclists.org/bugtraq/2019/Jul/13 (Mailing List, Third Party Advisory; mailing-list)
http://www.securityfocus.com/bid/109284 (Broken Link, Third Party Advisory, VDB Entry; vdb-entry)
https://security.gentoo.org/glsa/201908-17 (Third Party Advisory; vendor-advisory)
https://github.com/zeromq/libzmq/releases (Release Notes, Third Party Advisory)

Scores

CVSS v3 9.8
EPSS 0.2492
EPSS Percentile 96.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (10)
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 18.10
canonical/ubuntu_linux 19.04
debian/debian_linux 8.0
debian/debian_linux 9.0
fedoraproject/fedora 29
fedoraproject/fedora 30
fedoraproject/fedora 31
zeromq/libzmq < 4.0.9
Published Jul 10, 2019
Tracked Since Feb 18, 2026