CVE-2020-36177

9.8 CRITICAL

📋 TL;DR

This vulnerability in wolfSSL's RSA-PSS padding implementation allows an out-of-bounds write when processing certain cryptographic operations. Attackers can exploit this to execute arbitrary code or cause denial of service. Any system using wolfSSL versions before 4.6.0 for RSA operations with specific key/digest size combinations is affected.

💻 Affected Systems

Products:
  • wolfSSL embedded SSL/TLS library
Versions: All versions before 4.6.0
Operating Systems: All platforms where wolfSSL is used
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability triggers with specific RSA key sizes and digest algorithm combinations during RSA-PSS operations.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise, data theft, or ransomware deployment.

🟠 Likely Case

Denial of service through application crashes or memory corruption, potentially enabling further exploitation.

🟢 If Mitigated

Limited impact if proper input validation and memory protections are in place, but still poses significant risk.

🌐 Internet-Facing: HIGH - wolfSSL is commonly used in TLS implementations for internet-facing services.
🏢 Internal Only: MEDIUM - Internal services using wolfSSL could be exploited by authenticated attackers.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Proof-of-concept exists in OSS-Fuzz reports. Exploitation requires specific cryptographic conditions but is feasible.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.6.0 and later

Vendor Advisory: https://github.com/wolfSSL/wolfssl/releases/tag/v4.6.0-stable

Restart Required: Yes

Instructions:

1. Download wolfSSL 4.6.0 or later from official repository.
2. Replace existing wolfSSL installation.
3. Recompile applications using wolfSSL.
4. Restart affected services.

🔧 Temporary Workarounds

Disable RSA-PSS operations (platform: all)

Configure wolfSSL to disable RSA-PSS padding if not required:

Configure with --disable-rsapss or set NO_RSA_BOUNDS_CHECK

🧯 If You Can't Patch

  • Implement network segmentation to isolate vulnerable systems
  • Deploy application firewalls to monitor and block suspicious cryptographic operations

🔍 How to Verify

Check if Vulnerable:

Check wolfSSL version: wolfSSL_lib_version() or examine library files. Versions < 4.6.0 are vulnerable.

Check Version:

wolfSSL_lib_version() or strings libwolfssl.so | grep -i version

Verify Fix Applied:

Verify version is 4.6.0 or later and check for commit 63bf5dc56ccbfc12a73b06327361687091a4c6f7 in source.
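
The version check above, written out as a script (an added example, not part of the advisory or of wolfSSL): it compares a version string numerically against 4.6.0, the fixed release named on this page. The function names and sample version strings are constructed for illustration, and a version number alone cannot confirm that the fix commit is present in a patched or vendored build.

```shell
#!/bin/sh
# Added example: classify a wolfSSL version string for CVE-2020-36177.
# Function names below are hypothetical helpers, not wolfSSL tooling.

FIXED_VERSION="4.6.0"   # first fixed release according to this page

# normalize_version: drop a leading "v" and any suffix such as "-stable",
# keeping only the dotted numeric part. Prints nothing if no version is found.
normalize_version() {
    printf '%s\n' "$1" |
        sed -n 's/^[vV]\{0,1\}\([0-9][0-9]*\(\.[0-9][0-9]*\)*\).*$/\1/p'
}

# version_lt A B: return 0 when A is numerically lower than B.
# Components are compared as integers, so 4.10.0 is not sorted below 4.6.0
# the way a plain string comparison would sort it.
version_lt() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "$a" = "$x" ] && a="" || a=${a#*.}
        [ "$b" = "$y" ] && b="" || b=${b#*.}
        x=${x:-0}; y=${y:-0}          # missing components count as 0
        [ "$x" -lt "$y" ] && return 0
        [ "$x" -gt "$y" ] && return 1
    done
    return 1                          # equal versions are not "lower"
}

# classify_wolfssl VERSION: print VULNERABLE, PATCHED or UNKNOWN.
classify_wolfssl() {
    v=$(normalize_version "$1")
    if [ -z "$v" ]; then
        echo "UNKNOWN"                # unparsable input: inspect manually
    elif version_lt "$v" "$FIXED_VERSION"; then
        echo "VULNERABLE"
    else
        echo "PATCHED"
    fi
}

# Constructed sample inputs, in the forms wolfSSL_lib_version() or a release
# tag might present them (4.10.0 is a made-up value for the ordering case).
for sample in 4.5.0 4.6.0 v4.6.0-stable 3.15.7 4.10.0 garbage; do
    printf '%-14s %s\n' "$sample" "$(classify_wolfssl "$sample")"
done
```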

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with memory corruption errors
  • Unexpected termination of SSL/TLS services

Network Indicators:

  • Malformed cryptographic handshakes targeting RSA-PSS

SIEM Query:

source="*wolfssl*" AND (event="segmentation fault" OR event="memory corruption")
