Vulnerabilities > CVE-2021-46873 - Unspecified vulnerability in Wireguard 0.5.3

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

network

low complexity

wireguard

NVD

Published: 2023-01-29

Updated: 2023-02-07

Summary

WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently useless.

Vulnerable Configurations

Part	Description	Count
Application	Wireguard Wireguard Wireguard 0.5.3	1
OS	Microsoft Microsoft Windows -	1

References

https://lists.zx2c4.com/pipermail/wireguard/2021-August/006916.html