Strix
26.1K

CVE-2023-40014

MEDIUMCVSS 5.3/10EPSS 0.61%

Last modified

CVE-2023-40014 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 4.0.0 and prior to version 4.9.3, contracts using `ERC2771Context` along with a custom trusted forwarder may see `_msgSender` return `address(0)` in calls that originate from the forwarder with calldata shorter than 20 bytes. EPSS estimates a 0.61% chance of exploitation in the next 30 days.

Description

OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 4.0.0 and prior to version 4.9.3, contracts using `ERC2771Context` along with a custom trusted forwarder may see `_msgSender` return `address(0)` in calls that originate from the forwarder with calldata shorter than 20 bytes. This combination of circumstances does not appear to be common, in particular it is not the case for `MinimalForwarder` from OpenZeppelin Contracts, or any deployed forwarder the team is aware of, given that the signer address is appended to all calls that originate from these forwarders. The problem has been patched in v4.9.3.

Metrics

CVSS 3.1
5.3/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

EPSS Probability
0.61%

44.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
OpenzeppelinOpenzeppelin Contracts>= 4.0.0, < 4.9.3
OpenzeppelinOpenzeppelin Contracts-Upgradable>= 4.0.0, < 4.9.3

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2023-40014?
OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 4.0.0 and prior to version 4.9.3, contracts using `ERC2771Context` along with a custom trusted forwarder may see `_msgSender` return `address(0)` in calls that originate from the forwarder with calldata shorter than 20 bytes. This combination of circumstances does not appear to be common, in particular it is not the case for `MinimalForwarder` from OpenZeppelin Contracts, or any deployed forwarder the team is aware of, given that the signer address is appended to all calls that originate from these forwarders. The problem has been patched in v4.9.3.
How severe is CVE-2023-40014?
CVE-2023-40014 has a CVSS score of 5.3/10 (MEDIUM severity). The EPSS model estimates a 0.61% probability of exploitation in the next 30 days.
How do I fix CVE-2023-40014?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-40014?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST