CVE-2023-48051
Description
An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
upydev v0.4.3 uses weak RSA PKCS#1 v1.5 padding in keygen.py, enabling attackers to decrypt sensitive data via chosen-ciphertext attacks.
Vulnerability
upydev, a command-line tool for MicroPython devices [1], contains a cryptographic weakness in its keygen.py module. The RSA implementation uses PKCS#1 v1.5 padding instead of the recommended OAEP (Optimal Asymmetric Encryption Padding) [3]. This outdated padding scheme is known to be vulnerable to padding oracle attacks, such as Bleichenbacher's attack, which can compromise the confidentiality of encrypted data [3].
Exploitation
An attacker with network access to a device using upydev could intercept or manipulate encrypted communications that rely on this RSA implementation [3]. The attack does not require authentication if the attacker can observe encrypted traffic, but would need the ability to perform chosen-ciphertext queries against the decryption oracle. The vulnerability is classified as CWE-780: Use of RSA Algorithm without OAEP [3].
Impact
By exploiting the weak padding scheme, an attacker can decrypt sensitive information that was intended to be protected by RSA encryption [3]. This could expose device configuration data, passwords, or other confidential material transmitted between the upydev client and the MicroPython device. The issue exists in version 0.4.3 of upydev [3].
Mitigation
As of the CVE publication date (2023-11-20), a fix has not been released in the public repository. The recommended mitigation is to update the RSA implementation to use OAEP padding for encryption and PSS (Probabilistic Signature Scheme) for signatures [3]. Users should avoid using upydev 0.4.3 for sensitive operations until a patched version is available.
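As an added example that is not upydev's code or part of this advisory, the following pure-Python implementation of RSA with EME-OAEP padding (RFC 8017, MGF1 over SHA-256) shows what the OAEP scheme recommended under Vulnerability and Mitigation actually does: the decoder recomputes a hash over the label and the unmasked data block and reports every failure with one indistinguishable error, whereas PKCS#1 v1.5 decryption accepts or rejects a block on a simple byte-format check. The key size, the sample message and all function names are constructed for the example; nothing here is taken from keygen.py.

```python
# Added example (not upydev's code): textbook RSA with RFC 8017 EME-OAEP padding
# in pure Python. Demo-sized keys; production code must use a vetted library.
import hashlib
import hmac
import os
import secrets

HLEN = hashlib.sha256().digest_size  # SHA-256 output length in bytes (32)

def _is_probable_prime(n, rounds=32):
    """Miller-Rabin probabilistic primality test for large odd n."""
    for p in (3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    cand = secrets.randbits(bits) | (3 << (bits - 2)) | 1  # odd, top two bits set
    while not _is_probable_prime(cand):
        cand += 2
    return cand

def generate_keypair(bits=1024):
    e = 65537
    while True:
        p, q = _random_prime(bits // 2), _random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            return (p * q, e), (p * q, pow(e, -1, phi))  # (public, private)

def _mgf1(seed, length):
    """MGF1 mask generation (RFC 8017 B.2.1) over SHA-256."""
    blocks = range((length + HLEN - 1) // HLEN)
    return b"".join(hashlib.sha256(seed + i.to_bytes(4, "big")).digest() for i in blocks)[:length]

_xor = lambda a, b: bytes(x ^ y for x, y in zip(a, b))

def oaep_encode(message, k, label=b""):
    """EME-OAEP encoding (RFC 8017 7.1.1) of message into a k-byte block."""
    if len(message) > k - 2 * HLEN - 2:
        raise ValueError("message too long")
    db = hashlib.sha256(label).digest()
    db += b"\x00" * (k - len(message) - 2 * HLEN - 2) + b"\x01" + message
    seed = os.urandom(HLEN)  # fresh seed per call: same plaintext, new block
    masked_db = _xor(db, _mgf1(seed, k - HLEN - 1))
    masked_seed = _xor(seed, _mgf1(masked_db, HLEN))
    return b"\x00" + masked_seed + masked_db

def oaep_decode(em, k, label=b""):
    """EME-OAEP decoding (RFC 8017 7.1.2). Every check runs before branching and
    all failures raise the same error, so callers learn only that it failed."""
    masked_seed, masked_db = em[1:1 + HLEN], em[1 + HLEN:]
    seed = _xor(masked_seed, _mgf1(masked_db, HLEN))
    db = _xor(masked_db, _mgf1(seed, k - HLEN - 1))
    rest = db[HLEN:]
    sep = rest.find(b"\x01")
    bad = len(em) != k or em[:1] != b"\x00"
    bad |= not hmac.compare_digest(db[:HLEN], hashlib.sha256(label).digest())
    bad |= sep == -1 or any(rest[:max(sep, 0)])
    if bad:
        raise ValueError("decryption error")
    return rest[sep + 1:]

def encrypt_oaep(public, message, label=b""):
    n, e = public
    k = (n.bit_length() + 7) // 8
    return pow(int.from_bytes(oaep_encode(message, k, label), "big"), e, n).to_bytes(k, "big")

def decrypt_oaep(private, ciphertext, label=b""):
    n, d = private
    k, c = (n.bit_length() + 7) // 8, int.from_bytes(ciphertext, "big")
    if len(ciphertext) != k or c >= n:
        raise ValueError("decryption error")
    return oaep_decode(pow(c, d, n).to_bytes(k, "big"), k, label)

def demo(message=b"constructed sample: device credential"):
    """Round trip, randomized ciphertexts, and one opaque error on tampering."""
    public, private = generate_keypair()
    ct = encrypt_oaep(public, message)
    tampered = bytes([ct[0] ^ 0x01]) + ct[1:]  # flip one bit of the ciphertext
    try:
        decrypt_oaep(private, tampered)
        tamper_rejected = False
    except ValueError as err:
        tamper_rejected = str(err) == "decryption error"
    return {"roundtrip": decrypt_oaep(private, ct) == message,
            "randomized": encrypt_oaep(public, message) != ct,
            "tamper_rejected": tamper_rejected}
```

If keygen.py builds on the `cryptography` package (an assumption here; the advisory does not name the library), the corresponding fix is to replace `padding.PKCS1v15()` in the encrypt and decrypt calls with `padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)` and to sign with `padding.PSS(mgf=padding.MGF1(hashes.SHA256()), salt_length=padding.PSS.MAX_LENGTH)`. The 1024-bit key in the demo keeps the pure-Python prime search fast; it is far too small for real use.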
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| upydev (PyPI) | <= 0.4.3 | — |
Affected products
- upydev/upydev
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
News mentions
No linked articles in our index yet.