Bitcoin project security update-CVE-2019-15947

March 8, 2022

NAME

Bitcoin ProjectBitcoin Core

  • Platforms Affected:
    Bitcoin Core

  • Risk Level:
    medium

  • CVE Type:
    Cleartext storage of sensitive information

DESCRIPTION

CVE-2019-15947 is a cleartext storage of sensitive information vulnerability impacting Bitcoin Core version 0.18.0. An exploit was observed in open source and a link to an exploit was shared in the underground.

CVSS Information:

  • CVSS 2.0 SCORE: 5
  • CVSS 3.0 SCORE: 7.5

  • Exploit Disclosed in the Public:
    true

  • Exploit Weaponised:
    true

  • PoC Link:
    hXXps://github[.]com/oxagast/oxasploits/blob/master/exploits/CVE-2019-15947/makeitrain[.]sh

MITIGATION

Bitcoin Project addressed the vulnerability in a GitHub software development platform saved commit change with a patch.

  • Reference Link:
    https://github.com/bitcoin/bitcoin/pull/15600

  • Patch Available:
    available

If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.

Digital Patreon Wordmark FieryCoralv2

You may have missed

image

[APT73] – Ransomware Victim: gureco[.]pl

November 23, 2024
image

[APT73] – Ransomware Victim: lgpunjab[.]gov[.]in

November 23, 2024
image

[INCRANSOM] – Ransomware Victim: IPE Engwicht

November 23, 2024
image

[HUNTERS] – Ransomware Victim: Aeris Energy

November 23, 2024
image

[HUNTERS] – Ransomware Victim: Jones & Mayer

November 23, 2024