Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2023-38698

Disclosure Date: August 04, 2023 •

CVE-2023-38698 CVSS v3 Base Score: 6.5

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Ethereum Name Service (ENS) is a distributed, open, and extensible naming system based on the Ethereum blockchain. According to the documentation, controllers are allowed to register new domains and extend the expiry of existing domains, but they cannot change the ownership or reduce the expiration time of existing domains. However, a preliminary analysis suggests that an attacker-controlled controller may be able to reduce the expiration time of existing domains due to an integer overflow in the renew function. The vulnerability resides @ensdomains/ens-contracts prior to version 0.0.22.

If successfully exploited, this vulnerability would enable attackers to force the expiration of any ENS record, ultimately allowing them to claim the affected domains for themselves. Currently, it would require a malicious DAO to exploit it. Nevertheless, any vulnerability present in the controllers could potentially render this issue exploitable in the future. An additional concern is the possibility of renewal discounts. Should ENS decide to implement a system that offers unlimited .eth domains for a fixed fee in the future, the vulnerability could become exploitable by any user due to the reduced attack cost.

Version 0.0.22 contains a patch for this issue. As long as registration cost remains linear or superlinear based on registration duration, or limited to a reasonable maximum (eg, 1 million years), this vulnerability could only be exploited by a malicious DAO. The interim workaround is thus to take no action.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

6.5 Medium

Impact Score:

3.6

Exploitability Score:

2.8

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

None

Integrity (I):

High

Availability (A):

None

Vendors

ens.domains

Products

ethereum name service

References

Canonical

CVE-2023-38698 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38698)

Miscellaneous

https://github.com/ensdomains/ens-contracts/security/advisories/GHSA-rrxv-q8m4-wch3

https://github.com/ensdomains/ens-contracts/commit/e6b136e979084de3761c125142620304173990ca

https://github.com/ensdomains/ens-contracts/blob/master/contracts/ethregistrar/BaseRegistrarImplementation.sol#L171

Rapid7

Unknown

CVE-2023-38698

Unknown

Unknown

None

Low

Network

CVE-2023-38698

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2023-38698

Unknown

Unknown

None

Low

Network

CVE-2023-38698

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification