CVE-2023-37192

HIGH

Bitcoin Core - Missing Encryption

Title source: rule

Description

Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing.

References (3)

[Product] https://bitcoin.org/en/bitcoin-core/

[Exploit, Third Party Advisory] https://satoshihunter1.blogspot.com/2023/06/the-bitcoin-app-is-vulnerable-to-hackers.html

[Exploit, Third Party Advisory] https://www.youtube.com/watch?v=oEl4M1oZim0

Scores

CVSS v3 7.5

EPSS 0.0031

EPSS Percentile 54.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-311

Status published

Products (1)

bitcoin/bitcoin_core 22.0

Published Jul 07, 2023

Tracked Since Feb 18, 2026