Skip to content

Incomplete PCR Validation in Enclave Attestation for non-Evervault hosted Enclaves

High
John-Hetherton published GHSA-88h9-77c7-p6w4 Nov 11, 2025

Package

gomod evervault-go (Go)

Affected versions

<1.3.2

Patched versions

1.3.2

Description

Summary

A vulnerability was identified in the evervault-go SDK’s attestation verification logic that may allow incomplete documents to pass validation. This may cause the client to trust an enclave operator that does not meet expected integrity guarantees.

The exploitability of this issue is limited in Evervault-hosted environments as an attacker would require the pre-requisite ability to serve requests from specific evervault domain names, following from our ACME challenge based TLS certificate acquisition pipeline.

The vulnerability primarily affects applications which only check PCR8. Though the efficacy is also reduced for applications that check all PCR values, the impact is largely remediated by checking PCR 0, 1 and 2.

Patches

The identified issue has been addressed in version [1.3.2] by validating attestation documents before storing in the cache, and replacing the naive equality checks with a new SatisfiedBy check.

Workarounds

If you are using evervault-go to attest Enclaves that are hosted outside of Evervault environments and cannot upgrade:

1)Modify your application logic to fail verification if PCR8 is not explicitly present and non-empty
2)Add custom pre-validation to reject documents that omit any required PCRs.

References

https://github.com/evervault/evervault-go
https://docs.aws.amazon.com/enclaves/latest/user/set-up-attestation.html

POC

package evervault
import (
        "testing"

        "github.com/evervault/evervault-go/attestation"
        "github.com/stretchr/testify/assert"
        "github.com/hf/nitrite"
)


func TestVulnerableCompare(t *testing.T) {
          assert := assert.New(t)
          // arrange
          expectedPCRs := []attestation.PCRs{
                attestation.PCRs{
                      PCR0:
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
                      PCR1:
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002",
                      PCR2:
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003",
                      PCR8:
"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004",
                     },
           }
            actualDocument := nitrite.Document {}
            actualDocument.PCRs = map[uint][]byte{
                    10: make([]byte, 32),
            }
            // act
            v := verifyPCRs(expectedPCRs, actualDocument)
            
            // assert
            // Verify should not pass but it does
            
            assert.Equal(true, v)
}

Severity

High

CVSS overall score

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS).
/ 10

CVSS v3 base metrics

Attack vector
Network
Attack complexity
Low
Privileges required
High
User interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
None

CVSS v3 base metrics

Attack vector: More severe the more the remote (logically and physically) an attacker can be in order to exploit the vulnerability.
Attack complexity: More severe for the least complex attacks.
Privileges required: More severe if no privileges are required.
User interaction: More severe when no user interaction is required.
Scope: More severe when a scope change occurs, e.g. one vulnerable component impacts resources in components beyond its security scope.
Confidentiality: More severe when loss of data confidentiality is highest, measuring the level of data access available to an unauthorized user.
Integrity: More severe when loss of data integrity is the highest, measuring the consequence of data modification possible by an unauthorized user.
Availability: More severe when the loss of impacted component availability is highest.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

CVE ID

CVE-2025-64186

Weaknesses

No CWEs

Credits