CVE-2018-0735 | Timing attack against ECDSA signature generation

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).

Published: 2018-10-29 Last update: 2024-11-21 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2018-0735 is rated Moderate Risk (52/100): CVSS Medium severity, with medium exploitation likelihood (EPSS 4.80%). Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2018-0735

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-04-20 7.70% 4.80% -2.90%
2 2026-04-13 7.04% 7.70% +0.66%
3 2025-12-28 7.04%

Full EPSS history (28 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2018-0735

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
5.9 3.1 MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Click to expand
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:H)
Even with access, the exploit needs extra luck, timing, or a fussy environment to actually work.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:N)
Data isn’t meaningfully altered or forged.
Availability (A:N)
Service keeps running; no real outage angle.
 2.2 3.6 [email protected]
4.3 2.0 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:N)
No availability impact.
 8.6 2.9 [email protected]

Weakness enumeration for CVE-2018-0735

OS Trackers for CVE-2018-0735

vendor priority summary link
alpine medium CVE-2018-0735: 5 source package rows (nodejs, nodejs-current, openssl, openssl1.1-compat, openssl3); 32 state rows across 17 repos (3.10-main, 3.11-main, 3.12-main, 3.17-community, 3.17-main, 3.18-community, 3.18-main, 3.19-community, 3.19-main, 3.20-community, 3.20-main, 3.21-community, 3.21-main, 3.22-community, 3.22-main, edge-community, edge-main); fixed 32, open 0. https://security.alpinelinux.org/vuln/CVE-2018-0735
debian not yet assigned CVE-2018-0735 not yet assigned priority: Debian including 1 source packages (openssl), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5. https://security-tracker.debian.org/tracker/CVE-2018-0735
redhat low https://access.redhat.com/security/cve/CVE-2018-0735
suse medium CVE-2018-0735 severity moderate: SUSE including 360 source package names (15.0:libopenssl1_1-1.1.0i-4.15.1, 15.0:openssl-1_1-1.1.0i-4.15.1, …), 780 product×package rows across 106 product lines (Container suse/sle15, Image SLES12-SP5-Azure-BYOS, … (106 product lines)): Known Not Affected 419, Fixed 204, Known Affected 157. https://www.suse.com/security/cve/CVE-2018-0735/
ubuntu low CVE-2018-0735 low priority: Ubuntu including 3 source packages (openssl, openssl098, openssl1.0), 30 status rows across 10 suites (bionic, cosmic, disco, eoan, focal, groovy, hirsute, trusty, upstream, xenial): DNE 16, released 7, not-affected 4, needs-triage 3. https://ubuntu.com/security/CVE-2018-0735

Affected software / configurations for CVE-2018-0735

Vendor Product Version Raw CPE
openssl openssl >= 1.1.0, <= 1.1.0i cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
openssl openssl 1.1.1 cpe:2.3:a:openssl:openssl:1.1.1:*:*:*:*:*:*:*
canonical ubuntu_linux 14.04 cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
canonical ubuntu_linux 16.04 cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
canonical ubuntu_linux 18.04 cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
canonical ubuntu_linux 18.10 cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
debian debian_linux 8.0 cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
debian debian_linux 9.0 cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
nodejs node.js >= 10.0.0, < 10.12.0 cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
nodejs node.js >= 11.0.0, < 11.3.0 cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
nodejs node.js 10.13.0 cpe:2.3:a:nodejs:node.js:10.13.0:*:*:*:lts:*:*:*
netapp cn1610_firmware cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*
netapp cloud_backup cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
netapp element_software cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*
netapp oncommand_unified_manager cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:*:*:*
netapp oncommand_unified_manager >= 9.4 cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*
netapp santricity_smi-s_provider cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*
netapp smi-s_provider cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*
netapp snapdrive cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*
netapp snapdrive cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:windows:*:*
netapp steelstore cpe:2.3:a:netapp:steelstore:-:*:*:*:*:*:*:*
oracle api_gateway 11.1.2.4.0 cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*
oracle application_server 0.9.8 cpe:2.3:a:oracle:application_server:0.9.8:*:*:*:*:*:*:*
oracle application_server 1.0.0 cpe:2.3:a:oracle:application_server:1.0.0:*:*:*:*:*:*:*
oracle application_server 1.0.1 cpe:2.3:a:oracle:application_server:1.0.1:*:*:*:*:*:*:*
oracle enterprise_manager_base_platform 12.1.0.5.0 cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*
oracle enterprise_manager_base_platform 13.2.0.0.0 cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:*:*:*:*:*:*:*
oracle enterprise_manager_base_platform 13.3.0.0.0 cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:*:*:*:*:*:*:*
oracle enterprise_manager_ops_center 12.3.3 cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
oracle mysql <= 5.6.42 cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
oracle mysql >= 5.7.0, <= 5.7.24 cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
oracle mysql >= 8.0.0, <= 8.0.13 cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_peopletools 8.55 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_peopletools 8.56 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_peopletools 8.57 cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
oracle primavera_p6_enterprise_project_portfolio_management >= 17.7, <= 17.12 cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:*:*:*:*:*:*:*:*
oracle primavera_p6_enterprise_project_portfolio_management 8.4 cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4:*:*:*:*:*:*:*
oracle primavera_p6_enterprise_project_portfolio_management 15.1 cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:*:*:*:*:*:*:*
oracle primavera_p6_enterprise_project_portfolio_management 15.2 cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:*:*:*:*:*:*:*
oracle primavera_p6_enterprise_project_portfolio_management 16.1 cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:*:*:*:*:*:*:*
oracle primavera_p6_enterprise_project_portfolio_management 16.2 cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.2:*:*:*:*:*:*:*
oracle primavera_p6_enterprise_project_portfolio_management 18.8 cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:18.8:*:*:*:*:*:*:*
oracle secure_global_desktop 5.4 cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*
oracle tuxedo 12.1.1.0.0 cpe:2.3:a:oracle:tuxedo:12.1.1.0.0:*:*:*:*:*:*:*
oracle vm_virtualbox < 6.0.0 cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*
oracle vm_virtualbox >= 5.0.0, < 5.2.24 cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*

References for CVE-2018-0735

URL Tags
http://www.securityfocus.com/bid/105750 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041986 Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2019:3700 Third Party Advisory
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=56fb454d281a023b3f950d969693553d3f3ceea1
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=b1d6d55ece1c26fa2829e2b819b038d7b6d692b4
https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html Mailing List Third Party Advisory
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/ Third Party Advisory
https://security.netapp.com/advisory/ntap-20181105-0002/ Third Party Advisory
https://usn.ubuntu.com/3840-1/ Third Party Advisory
https://www.debian.org/security/2018/dsa-4348 Third Party Advisory
https://www.openssl.org/news/secadv/20181029.txt Vendor Advisory
https://www.oracle.com/security-alerts/cpujan2020.html Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html Patch Third Party Advisory
cvelogic Threat Intelligence