CVE-2022-26534

7.5 HIGH

📋 TL;DR

This vulnerability in FISCO-BCOS blockchain nodes allows a malicious node to send specially crafted viewchange packets that cause normal nodes to excessively change their view state, ultimately stopping block generation. This affects all FISCO-BCOS blockchain networks running the vulnerable version, potentially disrupting consensus and halting transaction processing.

💻 Affected Systems

Products:
  • FISCO-BCOS
Versions: release-3.0.0-rc2
Operating Systems: All platforms running FISCO-BCOS
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects FISCO-BCOS blockchain consensus nodes. Requires a malicious node to be part of the consensus network.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete network disruption where all normal nodes stop generating blocks, halting all transaction processing and consensus across the blockchain network.

🟠 Likely Case

Targeted disruption of specific nodes or network segments causing intermittent block generation failures and degraded network performance.

🟢 If Mitigated

Minimal impact with proper network segmentation and node authentication preventing malicious nodes from joining the network.

🌐 Internet-Facing: MEDIUM - While blockchain nodes often communicate over networks, exploitation requires joining the consensus network which typically requires authentication.
🏢 Internal Only: HIGH - Once a malicious node joins the internal blockchain network, it can disrupt consensus across all connected nodes.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires the attacker to operate a malicious node within the blockchain network and craft specific viewchange packets. The vulnerability is well-documented in the GitHub issue.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after release-3.0.0-rc2

Vendor Advisory: https://github.com/FISCO-BCOS/FISCO-BCOS/issues/2211

Restart Required: Yes

Instructions:

1. Upgrade FISCO-BCOS to a version after release-3.0.0-rc2.
2. Restart all blockchain nodes.
3. Verify consensus is functioning properly.

🔧 Temporary Workarounds

Network Segmentation and Node Authentication

all

Implement strict node authentication and network segmentation to prevent unauthorized nodes from joining the consensus network.

Rate Limiting View Changes

all

Implement rate limiting on viewchange message processing to prevent excessive view changes.

🧯 If You Can't Patch

  • Implement strict node whitelisting and authentication mechanisms
  • Monitor network for abnormal viewchange patterns and isolate suspicious nodes

🔍 How to Verify

Check if Vulnerable:

Check FISCO-BCOS version: if running release-3.0.0-rc2, the system is vulnerable.

Check Version:

Check FISCO-BCOS configuration files or run the node with version flag to confirm current version.

Verify Fix Applied:

Verify the version is newer than release-3.0.0-rc2 and monitor for normal block generation without excessive view changes.

📡 Detection & Monitoring

Log Indicators:

  • Excessive viewchange messages in logs
  • Abnormal frequency of view state changes
  • Block generation stopping or slowing significantly

Network Indicators:

  • Unusual spike in viewchange network packets
  • Consensus protocol anomalies
  • Nodes failing to reach consensus

SIEM Query:

Search blockchain node logs for bursts of viewchange events or for consensus failures (repeated view changes with no new blocks sealed).
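The log and SIEM indicators above can be turned into a concrete check. The following script is an added example, not code from FISCO-BCOS or from this advisory: it counts viewchange messages per sending node in a sliding window and measures the gap between sealed blocks. The log layout, field names (`newBlock`, `viewchange from=...`) and thresholds are assumptions; adapt the regex to your node's actual log format.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in an ASSUMED "ts level [module] event key=value" layout.
# This is not the real FISCO-BCOS log format; it only illustrates the detection logic.
SAMPLE_LOG = """\
2024-05-01T10:00:00 info [CONSENSUS] newBlock number=100
2024-05-01T10:00:05 info [CONSENSUS] viewchange from=node2 view=7
2024-05-01T10:00:06 info [CONSENSUS] viewchange from=node2 view=8
2024-05-01T10:00:07 info [CONSENSUS] viewchange from=node2 view=9
2024-05-01T10:00:08 info [CONSENSUS] viewchange from=node2 view=10
2024-05-01T10:00:09 info [CONSENSUS] viewchange from=node2 view=11
2024-05-01T10:00:09 info [CONSENSUS] viewchange from=node2 view=12
2024-05-01T10:00:40 info [CONSENSUS] viewchange from=node3 view=12
2024-05-01T10:02:30 info [CONSENSUS] viewchange from=node2 view=13
"""

LINE_RE = re.compile(r"^(\S+) \S+ \[CONSENSUS\] (newBlock|viewchange)(?: from=(\S+))?")

def analyze_consensus_log(text, window_s=60, max_viewchanges=5, max_block_gap_s=120):
    """Return noisy senders (peak viewchange count within any window_s seconds that
    exceeded max_viewchanges) and the longest gap without a sealed block."""
    recent = defaultdict(deque)   # node -> timestamps of its viewchanges in the window
    peak = {}                     # node -> highest over-threshold count seen
    last_block = last_ts = None
    worst_gap = 0.0
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                # unrelated log line
        ts = datetime.fromisoformat(m.group(1))
        last_ts = ts
        if m.group(2) == "newBlock":
            if last_block is not None:
                worst_gap = max(worst_gap, (ts - last_block).total_seconds())
            last_block = ts
            continue
        q = recent[m.group(3)]
        q.append(ts)
        while q and (ts - q[0]).total_seconds() > window_s:
            q.popleft()             # drop viewchanges that fell out of the window
        if len(q) > max_viewchanges:
            peak[m.group(3)] = max(peak.get(m.group(3), 0), len(q))
    if last_block is not None and last_ts is not None:
        # gap between the last sealed block and the end of the log also counts as a stall
        worst_gap = max(worst_gap, (last_ts - last_block).total_seconds())
    return {"noisy_nodes": peak, "block_gap_s": worst_gap,
            "block_stalled": worst_gap > max_block_gap_s}
```

On the constructed sample, node2 sends six viewchanges within a few seconds and no block is sealed for 150 s, so both the per-sender burst and the stall are flagged.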
