What is CVE-2023-50387?

CVE-2023-50387 is a vulnerability in N/a. Published 2024-02-14.

Is CVE-2023-50387 known to be exploited?

22 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2023-50387

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concer…

EPSS: 1.000 (100.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

knqyf263/CVE-2023-50387
Pablodiz/CVE-2023-50387
Meirelez/SSR-DNSSEC
GrigGM/05-virt-04-docker-hw
Maribel0370/Nebula-io
Pablodiz/Pablodiz
appatalks/ghes-cve-check
fkie-cad/nvd-json-data-feeds
fokypoky/places-list
giterlizzi/secdb-feeds

References

www.athene-center.de/aktuelles/key-trap
nlnetlabs.nl/news/2024/Feb/13/unbound-1.19.1-released/
kb.isc.org/docs/cve-2023-50387
docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2024-01.html
www.theregister.com/2024/02/13/dnssec_vulnerability_internet/
news.ycombinator.com/item
www.securityweek.com/keytrap-dns-attack-could-disable-large-parts-of-internet-r…
www.isc.org/blogs/2024-bind-security-release/
news.ycombinator.com/item
gitlab.nic.cz/knot/knot-resolver/-/releases/v5.7.1

Frequently asked questions

What is CVE-2023-50387?: CVE-2023-50387 is a vulnerability in N/a. Published 2024-02-14.
Is CVE-2023-50387 known to be exploited?: 22 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.