Vulnerabilities > CVE-2021-36218 - Out-of-bounds Write vulnerability in Skale Sgxwallet 1.58.3

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

skale

CWE-787

NVD

Published: 2021-09-27

Updated: 2024-11-21

Summary

An issue was discovered in SKALE sgxwallet 1.58.3. sgx_disp_ippsAES_GCMEncrypt allows an out-of-bounds write, resulting in a segfault and compromised enclave. This issue describes a buffer overflow, which was resolved prior to v1.77.0 and not reproducible in latest sgxwallet v1.77.0

Vulnerable Configurations

Part	Description	Count
Application	Skale Skale Sgxwallet 1.58.3	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/skalenetwork/sgxwallet/commit/77425c862ad20cd270d42c54f3d63e1eb4e02195
https://github.com/skalenetwork/sgxwallet/commit/77425c862ad20cd270d42c54f3d63e1eb4e02195
https://github.com/skalenetwork/sgxwallet/releases
https://github.com/skalenetwork/sgxwallet/releases