HOMEVULNERABILITIESCVE-2023-4807
HIGH

CVE-2023-4807

CWE-440Published: September 8, 2023· Updated: Jun 17, 2026

7.8
CVSS v3.1

Official Description

Issue summary: The POLY1305 MAC (message authentication code) implementation

contains a bug that might corrupt the internal state of applications on the

Windows 64 platform when running on newer X86_64 processors supporting the

AVX512-IFMA instructions.

Impact summary: If in an application that uses the OpenSSL library an attacker

can influence whether the POLY1305 MAC algorithm is used, the application

state might be corrupted with various application dependent consequences.

The POLY1305 MAC (message authentication code) implementation in OpenSSL does

not save the contents of non-volatile XMM registers on Windows 64 platform

when calculating the MAC of data larger than 64 bytes. Before returning to

the caller all the XMM registers are set to zero rather than restoring their

previous content. The vulnerable code is used only on newer x86_64 processors

supporting the AVX512-IFMA instructions.

The consequences of this kind of internal application state corruption can

be various - from no consequences, if the calling application does not

depend on the contents of non-volatile XMM registers at all, to the worst

consequences, where the attacker could get complete control of the application

process. However given the contents of the registers are just zeroized so

the attacker cannot put arbitrary values inside, the most likely consequence,

if any, would be an incorrect result of some application dependent

calculations or a crash leading to a denial of service.

The POLY1305 MAC algorithm is most frequently used as part of the

CHACHA20-POLY1305 AEAD (authenticated encryption with associated data)

algorithm. The most common usage of this AEAD cipher is with TLS protocol

versions 1.2 and 1.3 and a malicious client can influence whether this AEAD

cipher is used by the server. This implies that server applications using

OpenSSL can be potentially impacted. However we are currently not aware of

any concrete application that would be affected by this issue therefore we

consider this a Low severity security issue.

As a workaround the AVX512-IFMA instructions support can be disabled at

runtime by setting the environment variable OPENSSL_ia32cap:

OPENSSL_ia32cap=:~0x200000

The FIPS provider is not affected by this issue.

NVD Source

Technical Analysis

CVE-2023-4807 requires local access, meaning attackers must already have a foothold on the target system.

Exploitation requires low privileges, which limits the exposure to scenarios where an attacker has already gained initial access.

A successful exploit results in complete confidentiality breach (data exposure), full integrity compromise (data manipulation), availability disruption (denial of service), with a CVSS base score of 7.8.

CVSS v3.1 Vector Breakdown

Exploitability
Attack VectorLocal
Attack ComplexityLow
Privileges Req.Low
User InteractionNone
ScopeUnchanged
Impact
ConfidentialityHigh
IntegrityHigh
AvailabilityHigh
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Vendors & Products

OpenSSL1 product(s)
openssl
Source: NVD CPE · 1 total CPE entries

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

Official Patches & Advisories

All References (9)

Quick Facts

CVE IDCVE-2023-4807
CVSS Score7.8 / 10
SeverityHIGH
WeaknessCWE-440
CISA KEVNo
Affected1 vendor(s)
PublishedSep 8, 2023

Related CVEs (CWE-440)

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2023-4807 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.