CVE-2026-4599
jsrsasign · jsrsasign
The jsrsasign library is vulnerable to incomplete comparison checks in cryptographic functions, allowing attackers to bias DSA nonces and recover private keys.
Executive summary
A critical cryptographic flaw in the jsrsasign library allows remote attackers to recover private keys by exploiting biased DSA nonces caused by incorrect comparison logic.
Vulnerability
This vulnerability involves an Incomplete Comparison with Missing Factors within the getRandomBigIntegerZeroToMax and getRandomBigIntegerMinToMax functions. An unauthenticated attacker can exploit incorrect compareTo checks that accept out-of-range candidates, biasing DSA nonces during signature generation and leading to private key recovery.
Business impact
A successful exploit of this vulnerability results in the total compromise of cryptographic identity. If an attacker recovers a private key, they can impersonate the affected entity, decrypt sensitive communications, and forge digital signatures. Given the CVSS score of 9.1, this represents a critical risk to data integrity and confidentiality across any system utilizing the affected library versions for secure communications.
Remediation
Immediate Action: Update the jsrsasign library to version 11.1.1 or later immediately to patch the flawed cryptographic comparison logic.
Proactive Monitoring: Review application logs for unusual cryptographic activity, and rotate any private keys that were used to produce signatures with the vulnerable library versions, since nonces generated by those versions may have leaked key material.
Compensating Controls: Implement strict input validation for cryptographic operations and ensure that sensitive key management is handled within secure, hardware-backed environments where possible.
Exploitation status
Public Exploit Available: false
Analyst recommendation
The severity of this cryptographic flaw cannot be overstated, as it undermines the fundamental security of the jsrsasign library. Organizations must prioritize the update to version 11.1.1 immediately. Failure to remediate this vulnerability leaves sensitive data and digital identities exposed to total compromise.