CVE-2026-42769— OpenSSL 信任管理问题漏洞
获取后续新漏洞提醒登录后订阅
一、 漏洞 CVE-2026-42769 基础信息
漏洞信息
对漏洞内容有疑问?看看神龙的深度分析是否有帮助!
查看神龙十问 ↗ 尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
来源: 美国国家漏洞数据库 NVD
Vulnerability Description
Issue Summary: An error in the callback used to verify the certificate provided in a Root CA key update Certificate Management Protocol (CMP) message response rendered the certificate validation ineffectual, which could lead to escalation of credentials from the Registration Authority (RA) level to the root Certification Authority (root CA) level. Impact Summary: The Registration Autority could replace the root CA certificate for the CMP clients with an arbitrary root CA certificate. One of the parts of the Certificate Management Protocol (CMP), specified in RFC 9810, is Root Certification Authority (root CA) key Rollover, which is sent by the server in a message with type 'id-it-rootCaKeyUpdate'. As part of these messages, 'newWithOld' certificate, the new root CA certificate signed with the old root CA key, is provided, and verifying its signature is crucial for transferring the trust from the old CA key to the new one. The 'id-it-rootCaKeyUpdate' messages are expected to be processed with OSSL_CMP_get1_rootCaKeyUpdate(), that is expected to verify the 'newWithOld' certificate. A typo in the certificate chain building code led to adding an incorrect certificate ('newWithOld' instead of 'oldRoot') to the certificate chain, rendering the certificate verification process ineffectual (only the issuer name and the algorithm OIDs were verified by other parts of the verification code). An attacker who already has credentials that satisfy the CMP message protection checks can generate a new key pair and use a crafted self-signed certificate in its 'id-it-rootCaKeyUpdate' CMP messages which affected CMP clients would accept as a new trust anchor. Significant preconditions for the attack (having valid RA-level credentials) are the reason the issue was assigned Low severity. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.
来源: 美国国家漏洞数据库 NVD
CVSS Information
N/A
来源: 美国国家漏洞数据库 NVD
Vulnerability Type
证书验证不恰当
来源: 美国国家漏洞数据库 NVD
Vulnerability Title
OpenSSL 信任管理问题漏洞
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Description
OpenSSL是OpenSSL团队的一个开源的能够实现安全套接层(SSLv2/v3)和安全传输层(TLSv1)协议的通用加密库。该产品支持多种加密算法,包括对称密码、哈希算法、安全散列算法等。 OpenSSL存在信任管理问题漏洞,该漏洞源于处理Root CA密钥更新CMP消息时证书验证无效,可能导致凭证升级。
来源: 中国国家信息安全漏洞库 CNNVD
CVSS Information
N/A
来源: 中国国家信息安全漏洞库 CNNVD
Vulnerability Type
N/A
来源: 中国国家信息安全漏洞库 CNNVD
受影响产品
二、漏洞 CVE-2026-42769 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|
AI 生成 POC高级
未找到公开 POC。
登录以生成 AI POC三、漏洞 CVE-2026-42769 的情报信息
请登录查看更多情报信息。
CVE-2026-42769 补丁与修复 (4)
CVE-2026-42769 厂商安全公告 (1)
同批安全公告 · OpenSSL · 2026-06-09 · 共 18 条
| CVE-2026-45445 | OpenSSL 安全漏洞 | |
| CVE-2026-34183 | OpenSSL 安全漏洞 | |
| CVE-2026-34181 | OpenSSL 安全漏洞 | |
| CVE-2026-34180 | OpenSSL 缓冲区错误漏洞 | |
| CVE-2026-34182 | OpenSSL 安全漏洞 | |
| CVE-2026-9076 | OpenSSL 缓冲区错误漏洞 | |
| CVE-2026-35188 | OpenSSL 资源管理错误漏洞 | |
| CVE-2026-7383 | OpenSSL 缓冲区错误漏洞 | |
| CVE-2026-45446 | OpenSSL 安全漏洞 | |
| CVE-2026-42771 | OpenSSL 缓冲区错误漏洞 | |
| CVE-2026-45447 | OpenSSL 资源管理错误漏洞 | |
| CVE-2026-42768 | OpenSSL 安全漏洞 | |
| CVE-2026-42767 | OpenSSL 代码问题漏洞 | |
| CVE-2026-42766 | OpenSSL 代码问题漏洞 | |
| CVE-2026-42764 | OpenSSL 代码问题漏洞 | |
| CVE-2026-42770 | OpenSSL 安全漏洞 | |
| CVE-2026-42765 | OpenSSL 代码问题漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2026-42769
暂无评论