CVE-2023-24012

HIGH LAB

DDS System <PKCS#7 - RCE

Title source: llm

Description

An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s validation. This is caused by a non-compliant implementation of permission document verification used by some DDS vendors. Specifically, an improper use of the OpenSSL PKCS7_verify function used to validate S/MIME signatures.

Exploits (1)

nomisec WORKING POC 1 stars

by SafeLock-D2E · poc

https://github.com/SafeLock-D2E/Quiksand-CVE-2023-24012

View Code ZIP pw:eip

References (2)

[Various Sources] https://gist.github.com/vmayoral/235c02d0b0ef85a29812eff6980ff80d

[Issue Tracking] https://github.com/ros2/sros2/issues/282

Scores

CVSS v3 8.2

EPSS 0.0012

EPSS Percentile 30.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Lab Environment

COMMUNITY

Community Lab

docker pull tiryoh/ros2:foxy-20230129T0227

https://github.com/SafeLock-D2E/Quiksand-CVE-2023-24012

View in Library

Details

CWE

CWE-200

Status published

Products (1)

OpenDDS/DDS all versions

Published Jan 09, 2025

Tracked Since Feb 18, 2026