VU#521113: Forge JavaScript library impacted by a vulnerability in signature verification.

Overview

The Forge JavaScript library provides TLS-related cryptographic utilities. A vulnerability that allows signature verification to be bypassed through crafted manipulation of ASN.1 structures, particularly in fields such as Message Authentication Code (MAC) data, was identified. Users of the node-forge package, and downstream consumers, are advised to update to the patched version in a timely manner.

Description

Forge (also available as the node-forge npm package) offers a range of cryptographic capabilities, including certificate generation, message signing and verification, and encryption and decryption. These functions depend on the ASN.1 parsing and validation routines of the library.

A flaw in the asn1.validate function was discovered that allows tampered ASN.1 data to pass validation even when cryptographically incorrect. By embedding custom options into certain ASN.1 fields that require recursive verification, an attacker can craft data that appears valid to the Forge verification routines. A proof-of-concept using manipulated PKCS#12 MAC data demonstrated how a forged payload could bypass signature verification.

The researcher who reported this issue has described the potential implications of the flaw as follows:

As a result, applications that rely on node-forge to enforce the structure and integrity of ASN.1-derived cryptographic protocols, including X.509 certificates, PKCS#7 messages, and PKCS#12 archives may be tricked into successfully validating malformed data.

While different environments will experience different levels of practical exposure, the underlying verification bypass is technically significant. The package is widely used, and a fix has been published. A patched release, version 1.3.2, is now available and includes updated test cases in tests/security/cve-2025-12816.js that illustrate the corrected behavior.

Impact

An attacker who can supply crafted ASN.1 data may cause applications relying on Forge for verification to accept forged or modified data as legitimate. This can enable authentication bypass, tampering with signed data, or misuse of certificate-related functions (e.g., cryptographically-signed software). In environments where cryptographic verification plays a central role in trust decisions, the potential impact can be significant.

Solution

Update to Forge version 1.3.2 or later. The fix is available in Pull Request #1124. Developers should integrate the updated version into their projects and distribute updates through their normal release channels.

Acknowledgements

Thanks to Hunter Wodzenski of Palo Alto Networks for responsibly reporting this issue. This document was written by Vijay Sarvepalli.