IRONSMITHINTEL
Severity: High (CVSS 7.5)
CVE-2022-0778 | Auth: none (presenting a crafted TLS certificate is sufficient) | Reboot: not required | Est. 30 minutes (service restarts required) | Manual only

OpenSSL < 3.0.2 — DoS

OpenSSL enters an infinite loop when parsing a certificate with an invalid elliptic curve. Update OpenSSL to 3.0.2 / 1.1.1n / 1.0.2zd — this affects any service that processes TLS certificates from untrusted sources.

Published Mar 15, 2022 · Updated May 10, 2026
Why patch: risk explained in plain English

Worst-case scenario (if unpatched)

An attacker can cause a denial of service against any service that uses OpenSSL to process certificates — including HTTPS servers, VPN endpoints, email servers using STARTTLS, and any custom application that parses X.509 certificates. The server process hangs indefinitely, requiring a restart.

How the attack works

OpenSSL's BN_mod_sqrt() function (used during elliptic curve point parsing) can enter an infinite loop when processing a specially crafted elliptic curve that contains an invalid polynomial. An attacker can trigger this by presenting a malicious certificate during a TLS handshake, causing the server to hang indefinitely.

Am I affected? (Quick check)

Probably yes if any of these apply:

Audience: Server Administrators, Security Engineers, DevOps Teams

- Running OpenSSL 3.0 prior to 3.0.2
- Running OpenSSL 1.1.1 prior to 1.1.1n
- Running OpenSSL 1.0.2 prior to 1.0.2zd (1.0.2 fixes are available only to OpenSSL premium support customers)

Affected OS versions

Windows Server 2016
Windows Server 2019
Windows Server 2022

Fixed in: OpenSSL 3.0.2 / 1.1.1n / 1.0.2zd

Real-world incidents: what we've seen

The vulnerability is particularly severe for TLS client certificate authentication scenarios (mTLS), where the server processes a certificate presented by the client. An attacker with a crafted certificate can hang the TLS server without authentication. OpenSSL is embedded in thousands of open-source and commercial products — many required separate patches.

How to patch

Manual remediation steps

Estimated time: 30 minutes (service restarts required)

Check OpenSSL Version

# Check system OpenSSL (if installed):
openssl version 2>$null

# Find all OpenSSL DLLs on the system:
Get-ChildItem "C:\Program Files" -Recurse -Filter "libssl-*.dll" -ErrorAction SilentlyContinue |
  Select-Object FullName, VersionInfo

Get-ChildItem "C:\Program Files" -Recurse -Filter "openssl.exe" -ErrorAction SilentlyContinue |
  ForEach-Object { & $_.FullName version }

Update OpenSSL

# Via winget (if OpenSSL is installed standalone):
winget upgrade ShiningLight.OpenSSL

# Or download from https://slproweb.com/products/Win32OpenSSL.html (Win64 binaries)
# Select OpenSSL 3.0.2+ (Light or full installer)

Update Applications That Bundle OpenSSL

# Many applications bundle their own OpenSSL — check:
# - Git for Windows: git --version (bundles OpenSSL)
# - Python: python -c "import ssl; print(ssl.OPENSSL_VERSION)"
# - curl: curl --version (reports OpenSSL version)

python -c "import ssl; print(ssl.OPENSSL_VERSION)" 2>$null
curl --version 2>$null | Select-String "OpenSSL"
git --version 2>$null

Verify

openssl version
# Must show OpenSSL 3.0.2 or 1.1.1n or later
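The checks above have to be repeated per binary and compared by hand against three different fixed releases. The script below is an added example, not part of this advisory and not a tested IRONSMITHINTEL script: it walks the same locations (openssl.exe, libssl-*.dll, Python's ssl module), parses each version string, and reports whether that copy is at or above the fixed release for its branch (3.0.2 / 1.1.1n / 1.0.2zd, as stated above). The search roots, the function names and the letter-suffix parsing are this example's own assumptions; branches the advisory does not list (for example 3.1 or 1.1.0) are reported as NOT COVERED rather than guessed at.

```powershell
# Added example (not from the advisory): find OpenSSL copies on a Windows host
# and compare each one against the fixed release for its branch.
# Assumption: fixed versions come from the advisory; search roots are ours.

$FixedVersions = @{
    '3.0'   = '3.0.2'
    '1.1.1' = '1.1.1n'
    '1.0.2' = '1.0.2zd'
}

function ConvertTo-OpenSslVersionKey {
    # Turn "1.1.1n" or "3.0.2" into four comparable integers.
    # Letter suffixes map to a number: "" -> 0, "a" -> 1 ... "z" -> 26,
    # "za" -> 27, "zd" -> 30, so 1.0.2zd sorts after 1.0.2z as OpenSSL intends.
    param([string]$Version)
    if ($Version -notmatch '^(\d+)\.(\d+)\.(\d+)([a-z]*)') { return $null }
    $nums = [int]$Matches[1], [int]$Matches[2], [int]$Matches[3]
    $letterValue = 0
    foreach ($ch in $Matches[4].ToCharArray()) {
        $letterValue += ([int][char]$ch - [int][char]'a' + 1)
    }
    return ,($nums + $letterValue)
}

function Compare-OpenSslVersion {
    # Comparator: -1 if A < B, 0 if equal, 1 if A > B; $null if unparseable.
    param([string]$A, [string]$B)
    $ka = ConvertTo-OpenSslVersionKey $A
    $kb = ConvertTo-OpenSslVersionKey $B
    if ($null -eq $ka -or $null -eq $kb) { return $null }
    for ($i = 0; $i -lt 4; $i++) {
        if ($ka[$i] -lt $kb[$i]) { return -1 }
        if ($ka[$i] -gt $kb[$i]) { return 1 }
    }
    return 0
}

function Get-OpenSslBranch {
    param([string]$Version)
    if ($Version -like '3.0.*')  { return '3.0' }
    if ($Version -like '1.1.1*') { return '1.1.1' }
    if ($Version -like '1.0.2*') { return '1.0.2' }
    return $null
}

function Test-OpenSslVersionFixed {
    # $true  = at or above the fixed release of its branch
    # $false = vulnerable to CVE-2022-0778
    # $null  = branch not covered by the advisory; judge separately
    param([string]$Version)
    $branch = Get-OpenSslBranch $Version
    if (-not $branch) { return $null }
    return (Compare-OpenSslVersion $Version $FixedVersions[$branch]) -ge 0
}

function Get-OpenSslFindings {
    # Collect (Source, Version) pairs from the locations the advisory lists.
    param([string[]]$SearchRoots = @("$env:ProgramFiles", "${env:ProgramFiles(x86)}"))
    $findings = @()
    foreach ($root in $SearchRoots) {
        if (-not $root -or -not (Test-Path $root)) { continue }
        # openssl.exe: ask the binary itself ("OpenSSL 1.1.1k  25 Mar 2021").
        foreach ($exe in (Get-ChildItem $root -Recurse -Filter 'openssl.exe' -ErrorAction SilentlyContinue)) {
            $out = & $exe.FullName version 2>$null
            if ("$out" -match 'OpenSSL\s+(\S+)') {
                $findings += [pscustomobject]@{ Source = $exe.FullName; Version = $Matches[1] }
            }
        }
        # libssl-*.dll: the file name only gives the branch; ProductVersion gives the release.
        foreach ($dll in (Get-ChildItem $root -Recurse -Filter 'libssl-*.dll' -ErrorAction SilentlyContinue)) {
            if ("$($dll.VersionInfo.ProductVersion)" -match '(\d+\.\d+\.\d+[a-z]*)') {
                $findings += [pscustomobject]@{ Source = $dll.FullName; Version = $Matches[1] }
            }
        }
    }
    # Python bundles its own OpenSSL; report it if python is on PATH.
    $py = & python -c "import ssl; print(ssl.OPENSSL_VERSION)" 2>$null
    if ("$py" -match 'OpenSSL\s+(\S+)') {
        $findings += [pscustomobject]@{ Source = 'python (ssl module)'; Version = $Matches[1] }
    }
    return $findings
}

function Get-Cve20220778Report {
    param([string[]]$SearchRoots = @("$env:ProgramFiles", "${env:ProgramFiles(x86)}"))
    foreach ($f in (Get-OpenSslFindings -SearchRoots $SearchRoots)) {
        $fixed = Test-OpenSslVersionFixed $f.Version
        if ($fixed -eq $true)      { $status = 'OK' }
        elseif ($fixed -eq $false) { $status = 'VULNERABLE' }
        else                       { $status = 'NOT COVERED' }
        $branch = Get-OpenSslBranch $f.Version
        [pscustomobject]@{
            Source  = $f.Source
            Version = $f.Version
            FixedIn = if ($branch) { $FixedVersions[$branch] } else { 'n/a' }
            Status  = $status
        }
    }
}

Get-Cve20220778Report | Format-Table -AutoSize
```

Any row marked VULNERABLE is a copy that still needs the matching upgrade from the steps above; a row marked NOT COVERED is a branch this advisory does not address and should be checked against the OpenSSL release notes for that branch. Git for Windows and curl builds report their version through their own commands (see the commands above) and are not scanned here, because their output formats differ.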
PowerShell automation: coming soon

No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.