216.73.217.80

CVE-2025-66017

· Published 25/11/2025 20:16 · Modified 25/11/2025 22:16

Labels: CVE-2025-66017 2025-11-25CVE-2025-66017CWE-327[email protected]

Essential information

Published
25/11/2025 20:16
Modified
25/11/2025 22:16
Author
Creator
CVSS
8.2 HIGH (v3) 8.2 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

CGGMP24 is a state-of-art ECDSA TSS protocol that supports 1-round signing (requires 3 preprocessing rounds), identifiable abort, and a key refresh protocol. In versions 0.6.3 and prior of cggmp21 and version 0.7.0-alpha.1 of cggmp24, presignatures can be used in the way that significantly reduces security. cggmp24 version 0.7.0-alpha.2 release contains API changes that make it impossible to use presignatures in contexts in which it reduces security.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

References