OpenSSL Certificate Processing DoS Vulnerability (CVE-2022-0778)
Advisory ID
WGSA-2022-00011
CVE
CVE-2022-0778
Impact
High
Status
Acknowledged
Product Family
Firebox,
Dimension,
Secure Wi-Fi
Published Date
Updated Date
Workaround Available
True
CVSS Score
7.5
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
On 15 March 2022, OpenSSL disclosed CVE-2022-0778, a bug in the BN_mod_sqrt() function responsible for calculating a modular square root, that could cause it to loop forever by crafting a certificate with invalid elliptic curve parameters. An attacker could exploit this vulnerability to trigger a Denial of Service attack against a vulnerable process.
Affected
| Product | Affected Version(s) |
|---|---|
| Firebox | Fireware OS before 12.8_U1, 12.5.9_U2, 12.1.3_U8 |
| WSM | Releases before 12.8 build 656510 |
| Dimension | Mitigated via automatically applied security updates |
| TDR | Releases before 6.0.4.12045 |
| Cloud Wi-Fi APs | Not Impacted |
| DNSWatch | Not Impacted |
| Endpoint | Investigating |
Resolution
| Product | Fixed Version(s) |
|---|---|
| Firebox | Fireware OS 12.8_U1, 12.5.9_U2, 12.1.3_U8 |
| WSM | 12.8 build 656510 |
| Dimension | Mitigated via automatically applied security updates |
| TDR | 6.0.4.12045 |
Advisory Product List
| Product Family | Product Branch | Product List |
|---|---|---|
Firebox
|
Fireware OS 12.x | T20, T25, T40, T45, T55, T70, T80, T85, M270, M290, M370, M390, M470, M570, M590, M670, M690, M440, M4600, M4800, M5600, M5800, Firebox Cloud, Firebox NV5, FireboxV |
Firebox
|
Fireware OS 12.5.x | T15, T35 |
Dimension
|
Dimension | Dimension |
Secure Wi-Fi
|
Wi-Fi 4 & 5 | AP125, AP225W, AP325, AP327X, AP420 |
Secure Wi-Fi
|
Wi-Fi 6 | AP130, AP330, AP332CR, AP430CR, AP432 |