{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T02:10:22.904","vulnerabilities":[{"cve":{"id":"CVE-2023-43634","sourceIdentifier":"cve@asrg.io","published":"2023-09-21T14:15:11.477","lastModified":"2024-11-21T08:24:30.747","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"\nWhen sealing/unsealing the “vault” key, a list of PCRs is used, which defines which PCRs\nare used.\n\nIn a previous project, CYMOTIVE found that the configuration is not protected by the secure\nboot, and in response Zededa implemented measurements on the config partition that was\nmapped to PCR 13.\n\nIn that process, PCR 13 was added to the list of PCRs that seal/unseal the key.\n\nIn commit “56e589749c6ff58ded862d39535d43253b249acf”, the config partition\nmeasurement moved from PCR 13 to PCR 14, but PCR 14 was not added to the list of\nPCRs that seal/unseal the key.\n\nThis change makes the measurement of PCR 14 effectively redundant as it would not affect\nthe sealing/unsealing of the key.\n\n\n\nAn attacker could modify the config partition without triggering the measured boot, this could\nresult in the attacker gaining full control over the device with full access to the contents of the\nencrypted “vault”\n\n\n\n\n"},{"lang":"es","value":"Al sellar/abrir la clave de “vault”, se utiliza una lista de PCRs, que define qué PCRs se utilizan. En un proyecto anterior, CYMOTIVE descubrió que la configuración no está protegida por el arranque seguro y, en respuesta, Zededa implementó medidas en la partición de configuración que estaba asignada a PCR 13. En ese proceso, PCR 13 se agregó a la lista de PCRs que sellan /abrir la llave. En el commit “56e589749c6ff58ded862d39535d43253b249acf”, la medición de la partición de configuración pasó de PCR 13 a PCR 14, pero PCR 14 no se agregó a la lista de PCR que sellan/abren la clave. Este cambio hace que la medición de PCR 14 sea efectivamente redundante ya que no afectaría el sellado/abrir de la llave. Un atacante podría modificar la partición de configuración sin activar el arranque medido, lo que podría dar como resultado que el atacante obtenga control total sobre el dispositivo con acceso completo al contenido de la \"vault\" cifrada."}],"metrics":{"cvssMetricV31":[{"source":"cve@asrg.io","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.0,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.0,"impactScore":6.0}]},"weaknesses":[{"source":"cve@asrg.io","type":"Secondary","description":[{"lang":"en","value":"CWE-522"},{"lang":"en","value":"CWE-922"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:lfedge:eve:*:*:*:*:*:*:*:*","versionEndExcluding":"8.6.0","matchCriteriaId":"95D311A8-5FBD-49AF-AD11-8B78420BAEAE"},{"vulnerable":true,"criteria":"cpe:2.3:o:lfedge:eve:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndExcluding":"9.5.0","matchCriteriaId":"A3648A14-186C-4E6A-AA73-7D2F5C78019D"}]}]}],"references":[{"url":"https://asrg.io/security-advisories/cve-2023-43634/","source":"cve@asrg.io","tags":["Third Party Advisory"]},{"url":"https://asrg.io/security-advisories/cve-2023-43634/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}