Severity: LOW · CVE-2016-1000346 · CVSS 3.7

CVE-2016-1000346: DH Key Validation in Bouncy Castle

Platform

java

Component

org.bouncycastle:bcprov-jdk14

Fixed in

1.56

AI Confidence: high · NVD · EPSS 1.0% · Reviewed: May 2026

CVE-2016-1000346 is a security vulnerability affecting the Bouncy Castle JCE Provider, specifically impacting versions up to 1.55. This flaw stems from inadequate validation of the other party's Diffie-Hellman (DH) public key. Exploitation could potentially lead to the exposure of sensitive information related to the other party's private key, particularly in static Diffie-Hellman implementations. A fix was released in version 1.56.


Impact and Attack Scenarios

The core of this vulnerability lies in the insufficient validation of the DH public key received during key exchange. An attacker could craft a malicious public key that, when processed by the Bouncy Castle provider, would reveal details about the legitimate party's private key. This is particularly concerning in static Diffie-Hellman scenarios, where the same key pair is used repeatedly, increasing the window of opportunity for an attacker. While the impact isn't immediate remote code execution, the compromise of a private key can have far-reaching consequences, potentially enabling decryption of past communications and impersonation of the affected party. The risk is amplified in environments where Bouncy Castle is used for secure communication protocols like TLS/SSL.

Exploitation Context

CVE-2016-1000346 was publicly disclosed in October 2018. There is no indication of active exploitation campaigns targeting this vulnerability. It is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, suggesting a relatively low probability of exploitation, but the potential for key compromise remains a concern, especially in legacy systems still using vulnerable versions of Bouncy Castle.

Threat Intelligence

Exploit Status

Proof of Concept: Unknown
CISA KEV: No
Internet Exposure: High

EPSS

0.96% (76th percentile)

CVSS Vector

CVSS 3.1 vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N (base score 3.7, LOW; source: nextguardhq.com, CVSS v3.1 Base Score)

Attack Vector: Network (how the attacker reaches the target)
Attack Complexity: High (conditions required to exploit)
Privileges Required: None (authentication level needed to attack)
User Interaction: None (whether a victim must take action)
Scope: Unchanged (impact beyond the vulnerable component)
Confidentiality: Low (risk of sensitive data exposure)
Integrity: None (risk of unauthorized data modification)
Availability: None (risk of service disruption)
What do these metrics mean?
Attack Vector
Network — remotely exploitable over the internet. No physical or local access required. Widest attack surface.
Attack Complexity
High — requires a race condition, non-default configuration, or specific circumstances. Harder to exploit reliably.
Privileges Required
None — unauthenticated. No login or credentials needed to exploit.
User Interaction
None — attack is automatic and silent. Victim does nothing: no click, no file open.
Scope
Unchanged — impact is limited to the vulnerable component itself.
Confidentiality
Low — partial or indirect data access. Attacker gains limited information.
Integrity
None — no integrity impact. Attacker cannot modify data.
Availability
None — no availability impact. Service remains fully operational.

Affected Software

Component: org.bouncycastle:bcprov-jdk14
Vendor: osv
Affected range: versions up to 1.55
Fixed in: 1.56

Mitigation and Workarounds

The primary mitigation for CVE-2016-1000346 is to upgrade to Bouncy Castle JCE Provider version 1.56 or later. This version includes the necessary key parameter checks to prevent the vulnerability. If an immediate upgrade is not feasible due to compatibility issues, consider implementing stricter key validation routines within your application code to supplement the provider's validation. While not a direct replacement, this can provide an additional layer of defense. Review your application's use of static Diffie-Hellman and consider migrating to more secure key exchange mechanisms where possible. After upgrading, confirm the fix by performing a key exchange test and verifying that the key parameters are correctly validated.
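As an added illustration of the supplementary, application-side validation the paragraph above recommends, the following is example code written for this page; it is not Bouncy Castle's own implementation, and the class name, exception type and method names are assumptions. It runs before the peer's value is passed to KeyAgreement.doPhase(): it rejects public values outside [2, p-2] and, when the application knows the prime subgroup order q (javax.crypto.spec.DHParameterSpec carries only p and g, so q must come from the group the application chose), it also rejects values that are not in the order-q subgroup. The 23/11 toy group used in main() is constructed for the demonstration only.

```java
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.DHParameterSpec;

/**
 * Application-side validation of a peer's Diffie-Hellman public value, meant to
 * run before the value is handed to KeyAgreement.doPhase(). Example code written
 * for this page; it is not Bouncy Castle's own implementation.
 */
public final class DhPeerKeyCheck {

    private static final BigInteger TWO = BigInteger.valueOf(2);

    /** Thrown when the peer's public value fails validation (hypothetical type). */
    public static final class InvalidPeerKeyException extends GeneralSecurityException {
        public InvalidPeerKeyException(String msg) { super(msg); }
    }

    /**
     * Checks that y lies in [2, p-2] and, when the prime subgroup order q is
     * known, that y^q mod p == 1 (y is in the intended subgroup). q may be null
     * if the application does not know it; the range check still runs.
     */
    public static void validate(BigInteger y, BigInteger p, BigInteger q)
            throws InvalidPeerKeyException {
        if (y == null || p == null) {
            throw new InvalidPeerKeyException("missing public value or modulus");
        }
        // Excludes 0, 1 and p-1 (and anything outside the field); these produce
        // degenerate shared secrets whatever our own private exponent is.
        if (y.compareTo(TWO) < 0 || y.compareTo(p.subtract(TWO)) > 0) {
            throw new InvalidPeerKeyException("public value outside [2, p-2]");
        }
        // Subgroup membership check; only possible when q is known to the caller,
        // since DHParameterSpec exposes p and g but not q.
        if (q != null && !y.modPow(q, p).equals(BigInteger.ONE)) {
            throw new InvalidPeerKeyException("public value not in the order-q subgroup");
        }
    }

    /** Convenience wrapper for a JCA DHPublicKey; q is supplied by the caller. */
    public static void validate(PublicKey peer, BigInteger q) throws InvalidPeerKeyException {
        if (!(peer instanceof DHPublicKey)) {
            throw new InvalidPeerKeyException("not a DH public key");
        }
        DHPublicKey dh = (DHPublicKey) peer;
        DHParameterSpec spec = dh.getParams();
        validate(dh.getY(), spec.getP(), q);
    }

    /** Demonstration with a freshly generated key and a constructed toy group. */
    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("DH");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair();
        validate(kp.getPublic(), null); // a genuine key passes the range check
        System.out.println("generated key: ok");

        // Constructed toy group for illustration only: p = 23 = 2*11 + 1, q = 11.
        BigInteger p = BigInteger.valueOf(23);
        BigInteger q = BigInteger.valueOf(11);
        validate(BigInteger.valueOf(4), p, q); // 4^11 mod 23 == 1, so 4 is in the subgroup
        System.out.println("y = 4: ok");
        // 1 and 22 (= p-1) fail the range check; 5 is in the field but has order 22, not 11.
        BigInteger[] rejected = {BigInteger.ONE, BigInteger.valueOf(22), BigInteger.valueOf(5)};
        for (BigInteger bad : rejected) {
            try {
                validate(bad, p, q);
                System.out.println("y = " + bad + ": unexpectedly accepted");
            } catch (InvalidPeerKeyException e) {
                System.out.println("y = " + bad + ": rejected (" + e.getMessage() + ")");
            }
        }
    }
}
```

Calling validate(peerKey, q) before every doPhase() is cheap relative to the exponentiation DH already performs, and it is the check that matters most for static DH, where the same private exponent is reused across many exchanges; when q is not available, the range check alone still removes the trivially degenerate values, but the full subgroup check requires the application to use a group whose order it knows.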

How to fix

No official patch available. Check for workarounds or monitor for updates.


Frequently asked questions

What is CVE-2016-1000346 — DH Key Validation in Bouncy Castle?

CVE-2016-1000346 is a vulnerability in Bouncy Castle JCE Provider versions up to 1.55 where insufficient validation of DH public keys can lead to private key compromise.

Am I affected by CVE-2016-1000346 in Bouncy Castle?

You are affected if you are using Bouncy Castle JCE Provider version 1.55 or earlier. Check your dependencies to determine if you are using a vulnerable version.

How do I fix CVE-2016-1000346 in Bouncy Castle?

Upgrade to Bouncy Castle JCE Provider version 1.56 or later to address the vulnerability. This version includes improved key parameter validation.

Is CVE-2016-1000346 being actively exploited?

There is no current evidence of active exploitation campaigns targeting CVE-2016-1000346, but the potential for key compromise remains a concern.

Where can I find the official Bouncy Castle advisory for CVE-2016-1000346?

Refer to the Bouncy Castle security advisories on their official website: https://www.bouncycastle.org/security/.
