A Cryptographic Security Vulnerability Detected in Java: “Psychic Signatures”

April 26, 2022
11:40 am

[vc_row pix_particles_check=”” nav_skin=”light” consent_include=”include”][vc_column][vc_column_text]A cryptographic security vulnerability has been detected by security researchers in Java that allows threat actors to potentially capture communications and messages that should be encrypted, such as SSL communications and authentication processes (JWT).

The security vulnerability, called “Psychic Signatures,” monitored as CVE-2022-21449, is due to the incorrect application of the signature verification algorithm (ECDSA). Effective use of vulnerability results in the void of the integrity of content guaranteed by signatures.

The vulnerability affects Java 15, 16, 17, and 18 versions. In this context, it is recommended to immediately upgrade the vulnerable Java versions to the latest version (17.03 or 18.0.1) not to be the target of attacks that can be carried out using the vulnerability.[/vc_column_text][vc_empty_space][/vc_column][/vc_row]

A Cryptographic Security Vulnerability Detected in Java: “Psychic Signatures”

Share This:

Channel Partners

Become A Partner

Partner Portal Login

The Bridge Partner Program

Blog

Customer Stories

Datasheets

e-Books

Events

Glossary

Threat Intelligence Researches

Reports

Security News

Infographics

Whitepapers

Explore Our Ransomware Threats Report

Platform Overview

Brand Protection

Exposure Management

Cyber Threat Intelligence

Supply Chain Security

Technology Integrations

CONTACT US

About Us

Careers

News

Awards

Logos & Press Kit

Threat Intelligence Services

Brand Monitoring

Fraud Protection

VIP Security

Vulnerability Intelligence

Attack Surface Management

Preventing Data Leakage

Phishing Monitoring

Account Takeover Detection

Stolen Credit Cards

Dark Web Monitoring

Remediation and Takedown