Java ECDSA Bug Lets Attackers Forge SSL Certificates – What You Must Do
Oracle’s recent security update patches a critical Java vulnerability (CVE‑2022‑21449) in the ECDSA implementation of Java 15‑18. The flaw lets attackers forge SSL certificates, bypass two‑factor authentication, and create fraudulent digital signatures, and it has been called the “crypto bug of the year.”
Oracle released a security update that fixes a vulnerability allowing attackers to forge certain SSL certificates, handshake data, two‑factor authentication information, and other credentials generated by widely used open standards, enabling easy creation of fraudulent digital signatures.
The flaw affects the ECDSA (Elliptic Curve Digital Signature Algorithm) implementation in Java 15 and later versions. ECDSA is a cryptographic algorithm that provides digital authentication with smaller keys, making it suitable for standards such as FIDO‑based 2FA, SAML, and OpenID.
The vulnerability is identified as CVE‑2022‑21449 and was first discovered by ForgeRock security researcher Neil Madden.
If you use ECDSA signatures in these security mechanisms and your server was running any Java 15, 16, 17, or 18 version before the critical patch in April 2022, an attacker can easily bypass them completely; almost all WebAuthn/FIDO devices and many OIDC providers rely on ECDSA‑signed JWTs.
Madden notes that the affected Java versions fail to verify two critical variables in the ECDSA algorithm to ensure they are non‑zero.
ECDSA signatures depend on a random number K, which generates two additional numbers R and S. Verification requires checking an equation involving R and S; both values must be non‑zero for the signature to be valid.
If R and S were zero, the equation would always hold, making the signature appear valid and allowing an empty signature to pass verification.
The bug was introduced when the related code was ported from C++ to Java, tracing back to the release of Java 15 in 2020. It was reported to Oracle in November of the previous year and fixed in the April critical patch update.
Oracle assigned a CVSS severity score of 7.5 out of 10, while Madden rates the issue as a 10, and security expert Thomas Ptacek called it the “crypto bug of the year.”
Java 15 and later versions are not as widely adopted as earlier releases; Snyk’s 2021 data showed Java 15 accounted for only 12 % of usage.
Programmer DD
A tinkering programmer and author of "Spring Cloud Microservices in Action"
