CVE-2023-37192

HIGH

Bitcoin Core v22 - Memory Corruption and Unauthorized Transaction Redirection

Title source: llm

Description

Memory management and protection issues in Bitcoin Core v22 allows attackers to modify the stored sending address within the app's memory, potentially allowing them to redirect Bitcoin transactions to wallets of their own choosing.

References (3)

Core 3

Core References

Product

https://bitcoin.org/en/bitcoin-core/

Exploit, Third Party Advisory

https://satoshihunter1.blogspot.com/2023/06/the-bitcoin-app-is-vulnerable-to-hackers.html

Exploit, Third Party Advisory

https://www.youtube.com/watch?v=oEl4M1oZim0

Scores

CVSS v3 7.5

EPSS 0.0046

EPSS Percentile 36.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-311

Status published

Products (1)

bitcoin/bitcoin_core 22.0

Published Jul 07, 2023

Tracked Since Feb 18, 2026