<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>CVE-2026-4599 - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/tags/cve-2026-4599/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Thu, 18 Jan 2024 12:00:00 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/tags/cve-2026-4599/feed.xml" rel="self" type="application/rss+xml"/><item><title>jsrsasign DSA Nonce Bias Vulnerability (CVE-2026-4599)</title><link>https://feed.craftedsignal.io/briefs/2024-01-18-jsrsasign-dsa-nonce-bias/</link><pubDate>Thu, 18 Jan 2024 12:00:00 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2024-01-18-jsrsasign-dsa-nonce-bias/</guid><description>jsrsasign versions 7.0.0 through 11.1.1 are vulnerable to a DSA nonce bias due to incomplete comparison checks in the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions, potentially allowing an attacker to recover the private key.</description><content:encoded><![CDATA[<p>The jsrsasign library, a popular JavaScript cryptography toolkit, contains a critical vulnerability (CVE-2026-4599) in versions 7.0.0 up to, but not including, 11.1.1. This flaw resides in the <code>getRandomBigIntegerZeroToMax</code> and <code>getRandomBigIntegerMinToMax</code> functions within <code>src/crypto-1.1.js</code>. The vulnerability stems from incomplete comparison checks that accept out-of-range candidates when generating DSA nonces. This introduces a bias in the nonce generation process, which an attacker could exploit to potentially recover the private key associated with the DSA signatures. This is a high-severity issue because successful exploitation allows for complete compromise of the cryptographic keys.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li>An attacker identifies a target application utilizing a vulnerable version (7.0.0 to 11.1.0) of the jsrsasign library for DSA signature generation.</li>
<li>The application calls the vulnerable <code>getRandomBigIntegerZeroToMax</code> or <code>getRandomBigIntegerMinToMax</code> function within <code>src/crypto-1.1.js</code> to generate a random nonce (<code>k</code>) for DSA signature creation.</li>
<li>Due to the incomplete comparison checks, the function generates a biased set of nonces, meaning some nonces are statistically more likely to be generated than others.</li>
<li>The attacker collects a significant number of DSA signatures generated by the vulnerable application.</li>
<li>The attacker analyzes the collected signatures, leveraging statistical analysis techniques to identify the bias in the generated nonces (<code>k</code>).</li>
<li>Using the identified nonce bias, the attacker applies mathematical algorithms (e.g., lattice-based techniques or Hidden Number Problem solvers) to recover the private key.</li>
<li>The attacker successfully reconstructs the private key used for signing.</li>
<li>The attacker can now forge signatures, impersonate the legitimate entity, and potentially gain unauthorized access or perform malicious actions.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>Successful exploitation of CVE-2026-4599 allows an attacker to recover the private key used in DSA signature generation by applications using vulnerable versions of jsrsasign. This allows the attacker to forge signatures, potentially leading to unauthorized access, data breaches, and complete compromise of systems relying on the affected keys. The vulnerability has a CVSS v3.1 base score of 9.1, indicating critical severity. While the number of victims is unknown, any application relying on jsrsasign for DSA signatures is potentially vulnerable.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li>Upgrade the jsrsasign library to version 11.1.1 or later to patch CVE-2026-4599.</li>
<li>Implement the Sigma rule &quot;Detect jsrsasign Vulnerable Version Usage&quot; to identify systems using vulnerable versions of the library.</li>
<li>Monitor web server logs for requests containing potentially malicious DSA signature generation attempts, focusing on applications known to use jsrsasign.</li>
</ul>
]]></content:encoded><category domain="severity">critical</category><category domain="type">advisory</category><category>jsrsasign</category><category>DSA</category><category>nonce-bias</category><category>cryptography</category><category>CVE-2026-4599</category></item></channel></rss>