CVE-2017-1000417

CVE-2017-1000417

EPSS 0.7%

MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/matrixssl/matrixssl/blob/master/doc/CHANGES.md https://www.ieee-security.org/TC/SP2017/papers/231.pdf https://www.youtube.com/watch?v=FW--c_F_cY8