Dear OpenXPKI Fellows,

we want to inform you about a recently discovered critical vulnerability in OpenXPKI.
On affected systems, successful exploitation of the security flaw allows the targeted manipulation of certificate data during issuance, including the ability to authorize the issued certificate to issue further certificates (acting as a CA).
The default configuration of the community edition can be attacked by sending crafted PKCS#10 containers via SCEP or EST as outlined in the advisory. All published versions of OpenXPKI are affected! A new release 3.32.16 fixing the issue is now available on the package servers and also as Docker container. *Note: The new release introduces a semantic validation of SAN items, therefore "abusing" e.g. DNS SAN items to transport arbitrary strings will no longer work!*
Further details can be found in our security advisory WRS-SA-2026-001, available for download at https://www.openxpki.org/download/WRS-SA-2026-001.pdf.
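As an illustration of what the "semantic validation of SAN items" mentioned above means in practice, here is an added example (not OpenXPKI code, and not taken from the advisory): a small policy filter that only accepts well-formed DNS, IP, email and URI SAN values, rejects free-form strings and unknown SAN types, and refuses CSR-requested extensions that would turn an end-entity certificate into a CA. The data model (a list of (type, value) tuples and a simplified dict of requested extensions) and the sample request are constructed for this example.

```python
"""Semantic validation of SAN items and requested extensions for an end-entity
certificate request. Added example, not OpenXPKI's code; the data model
(list of (type, value) tuples, dict of requested extensions) is assumed."""
import ipaddress
import re
from urllib.parse import urlparse

# One DNS label per RFC 1123: 1-63 chars of letters, digits and hyphens,
# not starting or ending with a hyphen.
_LABEL_RE = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")
_EMAIL_LOCAL_RE = re.compile(r"^[A-Za-z0-9._%+-]{1,64}$")


def is_valid_dns_name(value: str, allow_wildcard: bool = True) -> bool:
    """True if value is a syntactically valid dNSName (no free-form strings)."""
    if not value or len(value) > 253 or value.endswith("."):
        return False
    labels = value.split(".")
    if len(labels) < 2:
        return False          # reject bare single labels such as "localhost"
    for i, label in enumerate(labels):
        if label == "*":
            # Wildcard only as the leftmost label and never directly under a TLD.
            if not allow_wildcard or i != 0 or len(labels) < 3:
                return False
            continue
        if not _LABEL_RE.match(label):
            return False
    if all(label.isdigit() for label in labels):
        return False          # an IP literal belongs in an iPAddress SAN, not dNSName
    return True


def is_valid_san_item(san_type: str, value: str) -> bool:
    """Dispatch on the SAN type; unknown types are rejected, not passed through."""
    if san_type == "DNS":
        return is_valid_dns_name(value)
    if san_type == "IP":
        try:
            ipaddress.ip_address(value)
            return True
        except ValueError:
            return False
    if san_type == "email":
        if value.count("@") != 1:
            return False
        local, domain = value.split("@")
        return bool(_EMAIL_LOCAL_RE.match(local)) and is_valid_dns_name(domain, allow_wildcard=False)
    if san_type == "URI":
        parsed = urlparse(value)
        return bool(parsed.scheme) and bool(parsed.netloc)
    return False


def validate_san_items(items):
    """Split requested SAN items into accepted and rejected (with a reason)."""
    accepted, rejected = [], []
    for san_type, value in items:
        if is_valid_san_item(san_type, value):
            accepted.append((san_type, value))
        else:
            rejected.append((san_type, value, f"not a well-formed {san_type} value"))
    return accepted, rejected


def end_entity_extension_violations(requested: dict) -> list:
    """Reasons why CSR-requested extensions must not be copied into an end-entity cert.
    `requested` is an assumed simplified model:
    {"basicConstraints": {"ca": bool}, "keyUsage": [str, ...]}."""
    reasons = []
    if requested.get("basicConstraints", {}).get("ca"):
        reasons.append("basicConstraints CA=TRUE requested for an end-entity profile")
    for usage in ("keyCertSign", "cRLSign"):
        if usage in requested.get("keyUsage", []):
            reasons.append(f"keyUsage {usage} requested for an end-entity profile")
    return reasons


# Constructed sample request (not from the advisory): valid items, an attempt to
# carry an arbitrary string in a DNS SAN, an IP literal in the wrong SAN type,
# and a request for CA capabilities.
SAMPLE_SAN_ITEMS = [
    ("DNS", "www.example.com"),
    ("DNS", "*.example.com"),
    ("DNS", "arbitrary text; not a hostname"),
    ("DNS", "192.0.2.10"),
    ("IP", "192.0.2.10"),
    ("email", "admin@example.com"),
    ("URI", "https://example.com/device/42"),
]
SAMPLE_REQUESTED_EXTENSIONS = {
    "basicConstraints": {"ca": True},
    "keyUsage": ["digitalSignature", "keyCertSign"],
}

if __name__ == "__main__":
    ok, bad = validate_san_items(SAMPLE_SAN_ITEMS)
    print("accepted:", ok)
    print("rejected:", bad)
    print("extension violations:", end_entity_extension_violations(SAMPLE_REQUESTED_EXTENSIONS))
```

The point of the design is that the issuing side decides what each SAN type may contain and what extensions an end-entity profile may carry, independent of what the PKCS#10 request asks for; anything that does not fit the type is dropped or the request is refused, rather than copied verbatim into the certificate.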
Kudos to Alex Klink for spotting and reporting this to us.

With best regards from the OpenXPKI team,
Oliver

--
White Rabbit Security GmbH, Werner-Heisenberg-Str. 8, 85254 Sulzemoos
Contact: +49 8135 314 000-0, [email protected]
Director: Martin Bartosch, Scott T. Hardin, Dr. Oliver Welter
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
