CVE-2024-56141
CVE-2024-56141 is a medium-severity vulnerability with a CVSS 3.x base score of 5.0. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-329.
Key facts
- Severity: Medium (CVSS 3.x base score 5.0)
- EPSS exploit prediction: 0% (2nd percentile)
- Actively exploited: Not listed in CISA KEV
- Weakness: CWE-329
- Published:
- Last modified:
Description
Minosoft is an open-source, multi-version Minecraft Java Edition client written in Kotlin. Starting in commit f1ae30e2b046a490026a8413b075685deb795122, the CryptManager encryption routine ( CryptManager.kt ) initializes its AES cipher using an initialization vector (IV) that is set equal to the secret key rather than to a sufficiently random value. Because the IV is not random and is derived directly from the key, the encryption is vulnerable to chosen-ciphertext/chosen-plaintext attacks: an attacker who can submit specific messages for encryption can recover the secret key. This affects all versions supporting Minecraft protocol 1.7 and later. No patched version is available, and no known workarounds are available.
Frequently asked questions
- What is CVE-2024-56141?
- Minosoft is an open-source, multi-version Minecraft Java Edition client written in Kotlin. Starting in commit f1ae30e2b046a490026a8413b075685deb795122, the CryptManager encryption routine ( CryptManager.kt ) initializes its AES cipher using an initialization vector (IV) that is set equal to the secret key rather than to a sufficiently random value. Because the IV is not random and is derived directly from the key, the encryption is vulnerable to chosen-ciphertext/chosen-plaintext attacks: an attacker who can submit specific messages for encryption can recover the secret key. This affects all versions supporting Minecraft protocol 1.7 and later. No patched version is available, and no known workarounds are available.
- How severe is CVE-2024-56141?
- CVE-2024-56141 has a CVSS 3.x base score of 5.0, rated medium severity. It is exploitable over network with high attack complexity, requires low privileges and no user interaction. Impact on confidentiality is low, integrity low, and availability low.
- Is CVE-2024-56141 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (2nd percentile), an estimate of the probability of exploitation in the next 30 days.
- How do I fix CVE-2024-56141?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2024-56141 published?
- CVE-2024-56141 was published on 2026-07-07.
References
- https://github.com/Bixilon/Minosoft/blob/3a608abe2d0999e4e702cc1b2d28366884c7f31e/src/main/java/de/bixilon/minosoft/protocol/protocol/encryption/CryptManager.kt#L72
- https://github.com/Bixilon/Minosoft/security/advisories/GHSA-rvr6-48rj-c94j
Other CWE-329 vulnerabilities
- CVE-2022-46397 — High (CVSS 7.5): FP.io VPP (Vector Packet Processor) 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04…
- CVE-2024-49783 — Medium (CVSS 5.3): IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in storage of encrypted data. If…
- CVE-2026-14969 — Medium (CVSS 4.4): A flaw was found in 389-ds-base where the LDBM backend attribute encryption uses a hardcoded static initialization…
- CVE-2025-2814 — Medium (CVSS 4.0): Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand() function as the default source of entropy, which…
- CVE-2022-29054 — Low (CVSS 3.3): A missing cryptographic steps vulnerability [CWE-325] in the functions that encrypt the DHCP and DNS keys in Fortinet…