SCA: security update for libosdp (GHSA-xhjw-7vh5-qxqm)

medium Tenable Cloud Security Plugin ID 420525

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- libosdp is an implementation of IEC 60839-11-5 OSDP (Open Supervised Device Protocol) and provides a C
library with support for C++, Rust and Python3. In affected versions an unexpected `REPLY_CCRYPT` or
`REPLY_RMAC_I` may be introduced into an active stream when they should not be. Once RMAC_I message can be
sent during a session, attacker with MITM access to the communication may intercept the original RMAC_I
reply and save it. While the session continues, the attacker will record all of the replies and save them,
till capturing the message to be replied (can be detected by ID, length or time based on inspection of
visual activity next to the reader) Once attacker captures a session with the message to be replayed, he
stops resetting the connection and waits for signal to perform the replay to of the PD to CP message (ex:
by signaling remotely to the MIMT device or setting a specific timing). In order to replay, the attacker
will craft a specific RMAC_I message in the proper seq of the execution, which will result in reverting
the RMAC to the beginning of the session. At that phase - attacker can replay all the messages from the
beginning of the session. This issue has been addressed in commit `298576d9` which is included in release
version 3.0.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
(CVE-2024-52288)

See Also

https://github.com/advisories/GHSA-xhjw-7vh5-qxqm

Plugin Details

Severity: Medium

ID: 420525

Version: Revision 1.7

Type: Local

Family: SCA Checks

Published: 1/23/2025

Updated: 7/2/2026

Supported Sensors: Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 3

Percentile: 23.18

Vendor

Vendor Severity: Medium

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3

Vector: CVSS2#AV:L/AC:H/Au:N/C:C/I:N/A:N

CVSS Score Source: CVE-2024-52288

CVSS v3

Risk Factor: Medium

Base Score: 5.1

Temporal Score: 4.5

Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 3/8/2024

Vulnerability Publication Date: 3/8/2024

Reference Information

CVE: CVE-2024-52288

cwe: CWE-924