Voozh

Vulnerabilities

CVE-2024-31497 Detail

Modified After Enrichment

This CVE record has been updated after NVD enrichment efforts were completed. Enrichment data supplied by the NVD may require amendment due to these changes.

Description

In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

👁 NIST CVSS score

NIST: NVD

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

URL	Source(s)	Tag(s)
http://www.openwall.com/lists/oss-security/2024/04/15/6	CVE, MITRE	Mailing List Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2275183	CVE, MITRE	Issue Tracking
https://bugzilla.suse.com/show_bug.cgi?id=1222864	CVE, MITRE	Issue Tracking
https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty	CVE, MITRE	Product
https://filezilla-project.org/versions.php	CVE, MITRE	Release Notes
https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git	CVE, MITRE	Mailing List Patch
https://github.com/advisories/GHSA-6p4c-r453-8743	CVE, MITRE	Third Party Advisory
https://github.com/daedalus/BreakingECDSAwithLLL	CVE, MITRE	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html	CVE, MITRE
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/	CVE, MITRE	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/	CVE, MITRE	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/	CVE, MITRE	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/	CVE, MITRE	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/	CVE, MITRE	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/[email protected]/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/	CVE
https://lists.fedoraproject.org/archives/list/[email protected]/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/	CVE
https://lists.fedoraproject.org/archives/list/[email protected]/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/	CVE
https://lists.fedoraproject.org/archives/list/[email protected]/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/	CVE
https://news.ycombinator.com/item?id=40044665	CVE, MITRE	Issue Tracking
https://security-tracker.debian.org/tracker/CVE-2024-31497	CVE, MITRE	Third Party Advisory
https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/	CVE, MITRE	Press/Media Coverage
https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward	CVE, MITRE	Product
https://tortoisegit.org	CVE, MITRE	Third Party Advisory
https://twitter.com/CCBalert/status/1780229237569470549	CVE, MITRE	Press/Media Coverage
https://twitter.com/lambdafu/status/1779969509522133272	CVE, MITRE	Press/Media Coverage
https://winscp.net/eng/news.php	CVE, MITRE	Third Party Advisory
https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/	CVE, MITRE	Press/Media Coverage
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html	CVE, MITRE	Release Notes Vendor Advisory
https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html	CVE, MITRE	Vendor Advisory
https://www.openwall.com/lists/oss-security/2024/04/15/6	CVE, MITRE	Mailing List Third Party Advisory
https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/	CVE, MITRE	Press/Media Coverage
https://www.vicarius.io/vsociety/posts/understanding-a-critical-vulnerability-in-putty-biased-ecdsa-nonce-generation-revealing-nist-p-521-private-keys-cve-2024-31497	CVE

Weakness Enumeration

CWE-ID	CWE Name	Source
CWE-338	Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)	👁 cwe source acceptance level NIST CISA-ADP

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

20 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2024-31497
NVD Published Date:
04/15/2024
NVD Last Modified:
06/17/2026
Source:
MITRE

URL: https://nvd.nist.gov/vuln/detail/CVE-2024-31497

⇱ NVD - CVE-2024-31497

CVE-2024-31497 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Change History

CVE Modified by CISA-ADP 6/17/2026 3:28:32 AM

CVE Modified by MITRE 6/17/2026 3:28:32 AM

CVE Modified by CVE 11/04/2025 5:16:00 PM

CVE Modified by CVE 11/04/2025 2:17:08 PM

CVE Modified by CVE 11/04/2025 1:16:19 PM

CVE Modified by CISA-ADP 3/27/2025 11:15:51 AM

CVE Modified by CVE 11/21/2024 4:13:38 AM

CVE Modified by MITRE 6/20/2024 3:15:49 PM

CVE Modified by MITRE 5/14/2024 11:25:30 AM

Initial Analysis by NIST 5/10/2024 10:33:55 AM

CVE Modified by MITRE 5/01/2024 2:15:23 PM

CVE Modified by MITRE 4/25/2024 10:15:06 PM

CVE Modified by MITRE 4/25/2024 2:15:59 AM

CVE Modified by MITRE 4/23/2024 2:15:14 PM

CVE Modified by MITRE 4/17/2024 10:15:07 PM

CVE Modified by MITRE 4/16/2024 7:15:08 PM

CVE Modified by MITRE 4/15/2024 7:15:06 PM

CVE Modified by MITRE 4/15/2024 6:15:08 PM

CVE Modified by MITRE 4/15/2024 5:15:07 PM

New CVE Received from MITRE 4/15/2024 4:15:11 PM

Quick Info