Use of a Broken or Risky Cryptographic Algorithm in cggmp24 | CVE-2025-66017

Q: How to fix?

Upgrade cggmp24 to version 0.7.0-alpha.2 or higher.

Introduced: 24 Nov 2025

NewCVE-2025-66017 (opens in a new tab) CWE-327 (opens in a new tab)

How to fix?

Upgrade cggmp24 to version 0.7.0-alpha.2 or higher.

Overview

cggmp24 is a TSS ECDSA implementation based on CGGMP24 paper

Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm in the Presignature::set_derivation_path and Presignature::issue_partial_signature functions. An attacker can significantly reduce the cryptographic security level or forge signatures by manipulating presignatures in conjunction with HD wallet derivation or by signing hashed messages without access to the original message.

Note: This is only exploitable if presignatures are used with HD wallet derivation or for raw signing without the original message.

References

CVSS Base Scores

version 4.0

version 3.1

Attack Vector (AV)
Network
Attack Complexity (AC)
High
Attack Requirements (AT)
Present
Privileges Required (PR)
None
User Interaction (UI)
None

Confidentiality (VC)
High
Integrity (VI)
High
Availability (VA)
None

Confidentiality (SC)
None
Integrity (SI)
None
Availability (SA)
None

Use of a Broken or Risky Cryptographic Algorithm Affecting cggmp24 package, versions <0.7.0-alpha.2

Severity

Do your applications use this vulnerable package?

Snyk Learn

Introduced: 24 Nov 2025

How to fix?

Overview

References

CVSS Base Scores

Snyk