Vulnerability Details CVE-2022-23507
Tendermint is a high-performance blockchain consensus engine for Byzantine fault tolerant applications. Versions prior to 0.28.0 contain a potential attack via Improper Verification of Cryptographic Signature, affecting anyone using the tendermint-light-client and related packages to perform light client verification (e.g. IBC-rs, Hermes). The light client does not check that the chain IDs of the trusted and untrusted headers match, resulting in a possible attack vector where someone who finds a header from an untrusted chain that satisfies all other verification conditions (e.g. enough overlapping validator signatures) could fool a light client. The attack vector is currently theoretical, and no proof-of-concept exists yet to exploit it on live networks. This issue is patched in version 0.28.0. There are no workarounds.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.2%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2022-23507
-
cpe:2.3:a:tendermint-light-client-js_project:tendermint-light-client-js:*
-
cpe:2.3:a:tendermint-light-client-verifier_project:tendermint-light-client-verifier:*
-
cpe:2.3:a:tendermint-light-client_project:tendermint-light-client:*