CVEReports
CVEReports

Automated vulnerability intelligence platform. Comprehensive reports for high-severity CVEs generated by AI.

Product

  • Home
  • Sitemap
  • RSS Feed

Company

  • About
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CVEReports. All rights reserved.

Made with love by Amit Schendel & Alon Barad



CVE-2023-43634

Trust Issues: Bypassing EVE OS Measured Boot via PCR Amnesia

Alon Barad
Alon Barad
Software Engineer

Feb 4, 2026·6 min read·18 visits

Executive Summary (TL;DR)

EVE OS developers moved the configuration partition measurement to TPM PCR 14 but forgot to tell the TPM to check it. Attackers can modify system configs (like SSH keys) without preventing the device from unlocking its encrypted vault.

A critical oversight in the EVE OS Trusted Platform Module (TPM) implementation allowed attackers to bypass Measured Boot protections. By failing to include Platform Configuration Register (PCR) 14 in the sealing policy, the system permitted unauthorized modifications to the configuration partition without locking the encryption keys.

The Hook: The Digital Bouncer

Imagine a high-security vault that requires a retina scan, a fingerprint, and a voice print to open. It’s impenetrable. Now imagine the security guard decides to stop checking the voice print because he's tired, but he doesn't tell anyone. That is effectively what happened inside EVE OS.

EVE OS relies on a hardware root of trust—the Trusted Platform Module (TPM)—to implement 'Measured Boot'. The idea is simple: as the device boots, it calculates cryptographic hashes of every component (BIOS, bootloader, kernel, config) and stores them in Platform Configuration Registers (PCRs).

The device's 'vault' key (which decrypts your data) is 'sealed' against these PCRs. The TPM is essentially told: 'Only release this key if PCR 0 through PCR 13 look exactly like they did when we set this up.' If a hacker modifies the kernel, the hash changes, the PCR values mismatch, and the TPM tells the hacker to get lost. The vault stays locked.

But in CVE-2023-43634, we found out that EVE OS was strictly checking the front door while leaving the garage side-door wide open. They were measuring a critical component, but they weren't actually checking the measurement.

The Flaw: The PCR Shuffle

The root cause of this vulnerability is a classic case of 'I thought you handled that.' In the world of TPMs, different PCR indices are reserved for different things. Historically, EVE OS measured its configuration partition into PCR 13. This partition holds the keys to the kingdom—API endpoints, authorized SSH keys, and system settings.

At some point, a developer decided to clean house. In commit 56e5897, the measurement of the configuration partition was moved from PCR 13 to PCR 14. This makes sense organizationally. It keeps things tidy.

However, there are two steps to this dance: 1) Measure the data into the register, and 2) Tell the TPM to validate that register before unsealing the keys. They did step 1 perfectly. They completely forgot step 2.

The DiskKeySealingPCRs list—the policy that dictates what the TPM checks—was never updated to include PCR 14. So, every time the device booted, it dutifully measured the config into PCR 14, and then the TPM dutifully ignored it, checking only 0 through 13. You could rewrite the entire configuration partition, changing the value of PCR 14 entirely, and the TPM would still happily hand over the encryption keys.

The Code: The Smoking Gun

Let's look at the code, because in Go, the mistake is almost painfully obvious once you know where to look. This is located in pkg/pillar/evetpm/tpm.go.

Here is the vulnerable code configuration:

// Vulnerable Code
// DiskKeySealingPCRs represents PCRs that we use for sealing
DiskKeySealingPCRs = tpm2.PCRSelection{
    Hash: tpm2.AlgSHA1, 
    PCRs: []int{0, 1, 2, 3, 4, 6, 7, 8, 9, 13}
}

Do you see 14 in that list? Neither do I. Also, notice the use of AlgSHA1. In 2023. That's a separate sin, but it adds flavor to the failure.

Here is the fix provided in the patch:

// Patched Code
// DiskKeySealingPCRs represents PCRs that we use for sealing
DiskKeySealingPCRs = tpm2.PCRSelection{
    Hash: tpm2.AlgSHA256, // Upgraded to SHA256 (Nice)
    PCRs: []int{0, 1, 2, 3, 4, 6, 7, 8, 9, 13, 14} // PCR 14 added
}

The fix was literally two characters (adding 14) and a much-needed algorithm upgrade. Without that 14, the cryptographic chain of trust was broken at the configuration layer.

The Exploit: Ghost in the Config

How does a researcher (or an attacker) actually weaponize this? EVE OS is designed for edge computing—boxes sitting in factories, wind turbines, or retail stores. Physical access is often trivial.

The Attack Chain:

  1. Access: The attacker physically accesses the device (Evil Maid scenario) or boots from a live USB.
  2. Mount: They mount the storage medium. The config partition is usually read-only or integrity-protected, but since we are offline, we can modify the bits on the disk directly.
  3. Inject: The attacker modifies the authorized_keys file in the configuration partition to include their own public SSH key. Or, they change the controller URL to point to a malicious command-and-control server.
  4. Boot: The attacker reboots the device.

During boot, the bootloader hashes the modified config. The hash is different. PCR 14 changes to a new, 'tainted' value.

The TPM looks at the policy. "Does PCR 0 match? Yes. PCR 1? Yes... PCR 13? Yes." It stops there. It never looks at the tainted PCR 14. The vault key unlocks, the system boots, and the attacker logs in via SSH with root privileges using the key they injected.

The Impact: Broken Chains

The severity here is classified as High (CVSS 8.8) for a reason. EVE OS creates a promise of security: "If the device is tampered with, it won't boot (or at least won't decrypt secrets)."

This vulnerability completely negates that promise for the configuration layer. This isn't just about reading data; it's about persistence. An attacker can backdoor a device, and the device itself—specifically the TPM which is supposed to prevent this—will vouch for the system's integrity.

Since this affects the sealing of the vault, an attacker gets access to:

  • Credentials: WiFi passwords, API keys, and service secrets stored in the vault.
  • Workloads: They can inspect or modify the Docker containers/VMs running on the edge node.
  • Network: The device can be used as a pivot point into the deeper OT (Operational Technology) network.

The Fix: Better Late Than Never

The remediation is straightforward but requires action. The patch d9383a7ee4e1c39f5c8c6d4a63cb2ebd00695e8a fixes the issue by explicitly adding PCR 14 to the sealing list.

But simply applying the update isn't enough. Because the sealing policy is baked into the way the data is encrypted on disk, existing data is sealed with the old policy (ignoring PCR 14).

To fully remediate:

  1. Update: Flash the device to EVE OS version 8.6.0, 9.5.0, or newer.
  2. Reseal: The vault keys must be unsealed (using the old policy) and then re-sealed using the new policy (SHA256 + PCR 14). In many edge scenarios, this might require a reprovisioning of the device to ensure a clean state.

This is a harsh reminder that cryptography is only as good as its implementation. You can have the strongest algorithms in the world, but if you forget to check the register, you're just doing fancy math for no reason.

Official Patches

LF-EdgeCommit fixing the sealing policy

Fix Analysis (1)

Technical Appendix

CVSS Score
8.8/ 10
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Probability
0.03%
Top 90% most exploited

Affected Systems

EVE OS < 8.6.0EVE OS 9.0.0 < 9.5.0

Affected Versions Detail

Product
Affected Versions
Fixed Version
EVE OS
LF-Edge
< 8.6.08.6.0
EVE OS
LF-Edge
>= 9.0.0 < 9.5.09.5.0
AttributeDetail
CVE IDCVE-2023-43634
CVSS8.8 (High)
CWECWE-922 (Insecure Storage)
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Attack VectorLocal (Physical/Storage)
Hash UpgradeSHA1 -> SHA256

MITRE ATT&CK Mapping

T1542.001Pre-OS Boot: System Firmware
Persistence
T1200Hardware Additions
Initial Access
T1059Command and Scripting Interpreter
Execution
CWE-922
Insecure Storage of Sensitive Information

The product stores sensitive information without checking the integrity of the storage container or the configuration affecting access control.

Vulnerability Timeline

CVE Published
2023-09-21
Fix Commit Merged
2023-09-20
Last Modified Date
2024-11-21

References & Sources

  • [1]ASRG Security Advisory
  • [2]NVD Detail

Attack Flow Diagram

Press enter or space to select a node. You can then use the arrow keys to move the node around. Press delete to remove it and escape to cancel.
Press enter or space to select an edge. You can then press delete to remove it or escape to cancel.

More Reports

•about 7 hours ago•CVE-2026-48861
2.1

CVE-2026-48861: HTTP Request Splitting and Smuggling via Method Parameter CRLF Injection in Elixir Mint

CVE-2026-48861 is a client-side HTTP request-line CRLF (Carriage Return Line Feed) injection vulnerability in the popular Elixir HTTP client library, Mint. The vulnerability permits HTTP Request Splitting and HTTP Request Smuggling when an application forwards untrusted, attacker-controlled inputs to Mint's HTTP client requests as either the HTTP request method or target. By embedding CRLF characters within these parameters, an attacker can terminate the request line prematurely, inject malicious headers, or pipeline entirely independent requests. These smuggled requests are then processed by upstream or downstream proxy servers as separate HTTP queries on the same TCP connection. While Mint version 1.7.0 introduced target validation to secure the request target, the HTTP request method parameter remained completely unvalidated. This flaw allows attackers to bypass routing filters, access restricted internal APIs, or poison HTTP caches under default configurations.

Amit Schendel
Amit Schendel
4 views•7 min read
•about 7 hours ago•CVE-2026-49753
6.3

CVE-2026-49753: HTTP Request/Response Smuggling via Inconsistent Content-Length Parsing in Elixir Mint Client

An Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) vulnerability in the Elixir Mint HTTP client allows attacker-controlled HTTP/1 servers to desynchronize response framing on shared connections due to over-lenient parsing of sign-prefixed Content-Length headers.

Amit Schendel
Amit Schendel
6 views•6 min read
•about 8 hours ago•CVE-2026-49754
8.2

CVE-2026-49754: Denial of Service via Unbounded HTTP/2 CONTINUATION Frame Accumulation in Elixir Mint

An allocation of resources without limits or throttling vulnerability in Elixir Mint allows an attacker-controlled HTTP/2 server to exhaust memory in a Mint client. The vulnerability is exploited by sending a HEADERS frame without the END_HEADERS flag followed by an infinite stream of CONTINUATION frames. Because the client lacks limits on the incoming header-block accumulator, the client continuously consumes memory until an out-of-memory crash occurs.

Amit Schendel
Amit Schendel
7 views•6 min read
•about 8 hours ago•CVE-2026-48596
2.1

CVE-2026-48596: Improper Neutralization of CRLF Sequences in Elixir Tesla Multipart HTTP Client

CVE-2026-48596 is an Improper Neutralization of CRLF Sequences in HTTP Headers (HTTP Request/Response Splitting, CWE-113) in the Elixir Tesla HTTP client. The flaw resides in how multipart content-type parameters are joined and serialized, enabling attackers to inject arbitrary headers or split HTTP requests when applications pass untrusted inputs to the parameters of multipart uploads.

Alon Barad
Alon Barad
5 views•6 min read
•about 9 hours ago•CVE-2026-48594
8.2

CVE-2026-48594: Decompression Bomb Denial of Service in Elixir Tesla HTTP Client

An improper handling of highly compressed data (decompression bomb) vulnerability exists in the Elixir Tesla HTTP client when utilizing response decompression middlewares. By serving highly compressed responses or stacked content-encoding headers, a malicious server can cause arbitrary heap exhaustion, leading to a denial of service (DoS) crash in the BEAM virtual machine.

Amit Schendel
Amit Schendel
6 views•6 min read
•about 9 hours ago•CVE-2026-48595
8.2

CVE-2026-48595: Cross-Origin Credential Leakage in Elixir Tesla Client via Case-Sensitive Redirect Filter Bypass

A high-severity security vulnerability in Elixir's Tesla HTTP client library (CVE-2026-48595) allows unauthenticated remote attackers to harvest sensitive credentials, including Authorization headers and cookies. The flaw resides in the 'Tesla.Middleware.FollowRedirects' component, which performs case-sensitive lookups when stripping credentials during cross-origin redirects. Because HTTP headers are case-insensitive by RFC specifications, standard canonical casing (e.g., 'Authorization') bypasses the lowercase-only blocklist, leaking tokens to untrusted external redirect destinations.

Alon Barad
Alon Barad
6 views•5 min read