CNNVD-202506-2793 Information
CNNVD ID
CNNVD-202506-2793
Related CVE
- CNNVD Published: 2025-06-20
Description (Chinese)
BlueRiSC WindowsSCOPE Cyber Forensics是BlueRiSC公司的一个基于 GUI 的内存取证捕获和分析工具包。 BlueRiSC WindowsSCOPE Cyber Forensics存在数据伪造问题漏洞,该漏洞源于rv32im电路缺少约束,可能导致恶意证明者攻击。
Description (English)
BlueRisc WindowsSCOPE CyberForensis is a GUI-based memory forensic capture and analysis toolkit for BlueRisc. BlueRisc WindowsSCOPE CyberForensics has a data-false loophole, which stems from the lack of restrictions on the rv32im circuit and may lead to attacks by malicious probators.
Hazard Level
High
Vulnerability Type
数据伪造问题
Affected Vendor
BlueRiSC
Published
2025-06-20
Last Modified
2026-02-24
References
https://github.com/risc0/risc0/commit/67f2d81c638bff5f4fcfe11a084ebb34799b7a89 https://github.com/risc0/risc0/security/advisories/GHSA-g3qg-6746-3mg9 https://github.com/risc0/zirgen/pull/238 https://github.com/risc0/zirgen/commit/e0e2918302c93e956f73ca2e44aef2b861d8c3ae https://github.com/risc0/risc0/commit/006d86c363b16d2b2ac42d32d832a209ff8ab4c9 https://github.com/risc0/risc0/commit/1873bbb8a56793edd1f6195242d184cf6cc5175d https://github.com/risc0/risc0/pull/3181 https://access.redhat.com/security/cve/cve-2025-52484
Patch
https://docs.rs/risc0-zkvm/latest/risc0_zkvm/
Share on: