HomeVulnerabilitiesCVE-2022-2068
Disclosed

CVE-2022-2068

In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze).

Share this vulnerability:

Exploitation Probability (EPSS)

Low Priority
18.58%

The Exploit Prediction Scoring System (EPSS) uses machine learning to estimate the probability that a vulnerability will be exploited in the wild within the next 30 days.

0% (Theoretical)100% (Certainty)

7-Day Exploitation Trend

Vulnerability Timeline

4 events
Jun 21, 2022
Vulnerability Disclosed
Published to component-level vulnerability database.
Jul 2, 2025
EPSS Score Decreased
Daily EPSS score decreased by 0.165 on 2023-12-30
Jul 5, 2025
EPSS Score Increased
Daily EPSS score increased by 0.165 on 2023-12-30
Nov 3, 2025
Last Updated
Record updated with new analysis or tags.

Threat Actor Attribution

PREMIUM INTEL
Associated Groups:Lazarus Group, APT28
Ransomware Campaigns:LockBit 3.0, BlackCat
IoCs (Indicators):14 IPs, 3 Hashes

Remediation & Mitigation

SOLUTION

Official patches and mitigation steps are available for this vulnerability.

# Update Command
apt-get update && apt-get upgrade -y specific-package
# Verify installation
dpkg -l | grep package-name

Affected Products

46 Total
openssl/opensslAll Versions
debian/debian_linux10.0
debian/debian_linux11.0
fedoraproject/fedora35
fedoraproject/fedora36

References

https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdfSiemens
Third Party Advisory
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=2c9c35870601b4a44d86ddbf512b38df38285cfaOpenssl
Patch
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=7a9c027159fe9e1bbc2cd38a8a2914bff0d5abd9Openssl
Patch
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=9639817dac8bbbaa64d09efad7464ccc405527c7Openssl
Patch

Am I Vulnerable?

Check your domain or package.json for CVE-2022-2068 exposure.

Share This Page

Help others discover this vulnerability information

Vulnerability Details

CVSS Base Score
7.3/ 10
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Published Date
Jun 21, 2022
Last Modified
Nov 3, 2025
Need API Access?

Integrate this data into your SOAR platform.

View Plans →
Need Manual Validation?

Automated scanners flag false positives. Get a manual pentest validation for this CVE.