CVE-2022-23491: CWE-345: Insufficient Verification of Data Authenticity in certifi python-certifi

Medium
Published: Wed Dec 07 2022 (12/07/2022, 21:15:53 UTC)
Source: CVE
Vendor/Project: certifi
Product: python-certifi

Description

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.

AI-Powered Analysis

Last updated: 06/22/2025, 12:50:33 UTC

Technical Analysis

CVE-2022-23491 concerns the python-certifi package, a curated collection of root certificates used to validate the trustworthiness of SSL/TLS certificates. Certifi plays a critical role in verifying the identity of TLS hosts by providing a trusted root certificate store. The issue is the inclusion of root certificates issued by TrustCor, a certificate authority whose roots were removed from Certifi starting with version 2022.12.07. The removal was prompted by Mozilla's investigation following media reports that TrustCor's ownership was linked to a business producing spyware. As a result, the TrustCor root certificates were deemed untrustworthy and removed from Mozilla's root store, which Certifi mirrors.

The vulnerability is classified under CWE-345, insufficient verification of data authenticity. In this context, the presence of untrusted or compromised root certificates in the trust store means that certificates chaining to such a root would be accepted as valid by systems relying on Certifi for TLS verification, which could enable man-in-the-middle (MITM) attacks, interception, or spoofing of secure communications. The affected versions are all python-certifi releases prior to 2022.12.07, which still include the TrustCor root certificates. No exploits in the wild have been reported for this vulnerability.

The issue is not a code flaw but a trustworthiness problem in the root certificate store, affecting the integrity of TLS certificate validation. Exploitation requires no user interaction or authentication, but it depends on the TrustCor root certificates being present in the trust store and on an attacker's ability to obtain certificates issued under that root. The fix is the removal of these root certificates from the trust store, which was done in Certifi 2022.12.07 and later.

Potential Impact

For European organizations, this vulnerability undermines the foundational trust model of TLS communications when using python-certifi versions prior to 2022.12.07. Since Certifi is widely used in Python applications for SSL certificate verification, any system relying on these versions may accept TLS certificates issued by the distrusted TrustCor root, potentially allowing attackers to intercept or spoof secure communications. This could lead to data confidentiality breaches, credential theft, or injection of malicious content. The impact is particularly significant for organizations handling sensitive data, such as financial institutions, healthcare providers, and government agencies. However, the actual risk depends on whether attackers can leverage TrustCor-issued certificates to impersonate legitimate services. Given that TrustCor root certificates are being removed globally, the risk is mitigated over time as organizations update their Certifi packages. The vulnerability does not directly affect availability but compromises confidentiality and integrity of communications. Since no known exploits exist, the immediate threat is moderate, but the potential for MITM attacks remains until systems are updated.

Mitigation Recommendations

European organizations should immediately audit their Python environments to identify usage of python-certifi versions prior to 2022.12.07. They must upgrade to version 2022.12.07 or later to ensure removal of TrustCor root certificates from the trust store. Additionally, organizations should verify that their TLS clients and servers do not rely on TrustCor certificates by inspecting their local trust stores and certificate chains. Implementing certificate pinning where feasible can reduce reliance on external root stores. Monitoring network traffic for unusual TLS certificate chains or unexpected root authorities can help detect potential misuse. Organizations should also stay informed about updates from Mozilla and Certifi regarding trusted root certificates. For critical systems, consider deploying additional TLS validation layers or using alternative trusted root stores until the environment is fully updated. Finally, ensure that software supply chain processes include timely updates of dependencies like python-certifi to prevent similar issues.
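The two checks recommended above (confirm the installed certifi is at or past 2022.12.07, and confirm the CA bundle actually in use no longer carries a TrustCor root) can be scripted. The following is an added example, not code from the certifi project or from this advisory. It assumes certifi exposes `__version__` and `where()` (both real attributes of the package) and that the bundle follows the annotated format certifi's cacert.pem uses, with `# Issuer:`, `# Subject:` and `# Label:` comment lines in front of each PEM block; the sample bundle embedded for a stand-alone run is constructed, with placeholder certificate bodies.

```python
"""Audit a Python environment for the certifi root-store change in CVE-2022-23491.

Check 1: is the installed certifi at or past 2022.12.07?
Check 2: does the CA bundle in use still contain a root whose header
         comments mention TrustCor?

The bundle scan relies on the '# Issuer:' / '# Subject:' / '# Label:'
comment headers that certifi's cacert.pem places before every PEM block
(an assumption about the bundle format; a bare PEM file without those
headers yields no matches rather than a false negative being hidden).
"""
import re
import sys

FIXED_VERSION = (2022, 12, 7)  # first certifi release without the TrustCor roots


def parse_version(version):
    """Turn '2022.12.07' or '2022.9.24' into a comparable tuple of ints."""
    return tuple(int(part) for part in version.strip().split("."))


def is_patched(version):
    """True when this certifi version no longer ships the TrustCor roots."""
    return parse_version(version) >= FIXED_VERSION


def find_roots(bundle_text, needle="TrustCor"):
    """Return the labels of PEM blocks whose header comments mention `needle`.

    Header comments are collected until the block's END line, then reset,
    so a match in one block never leaks into the next one.
    """
    matches, headers, label = [], [], None
    for line in bundle_text.splitlines():
        if line.startswith("#"):
            headers.append(line)
            found = re.match(r'#\s*Label:\s*"?(.*?)"?\s*$', line)
            if found:
                label = found.group(1)
        elif line.startswith("-----END CERTIFICATE-----"):
            if any(needle.lower() in h.lower() for h in headers):
                matches.append(label or "<unlabelled certificate>")
            headers, label = [], None
    return matches


def installed_certifi():
    """Return (version, bundle_path) for the certifi in this environment, or (None, None)."""
    try:
        import certifi  # not a hard dependency of this script
    except ImportError:
        return None, None
    return certifi.__version__, certifi.where()


def audit(bundle_path=None):
    """Build a small report; an explicit bundle_path overrides certifi.where()."""
    version, located = installed_certifi()
    path = bundle_path or located
    report = {"version": version, "patched": None, "bundle": path, "trustcor_roots": []}
    if version is not None:
        report["patched"] = is_patched(version)
    if path:
        with open(path, encoding="utf-8") as fh:
            report["trustcor_roots"] = find_roots(fh.read())
    return report


# Constructed sample in certifi's annotated bundle format. The certificate
# bodies are placeholders, not real DER data; only the headers matter here.
SAMPLE_BUNDLE = """\
# Issuer: CN=Example Trusted Root O=Example CA Ltd
# Subject: CN=Example Trusted Root O=Example CA Ltd
# Label: "Example Trusted Root"
-----BEGIN CERTIFICATE-----
MIIBPLACEHOLDERBODYNOTAREALCERTIFICATE
-----END CERTIFICATE-----

# Issuer: CN=TrustCor RootCert CA-1 O=TrustCor Systems S. de R.L. OU=TrustCor Certificate Authority
# Subject: CN=TrustCor RootCert CA-1 O=TrustCor Systems S. de R.L. OU=TrustCor Certificate Authority
# Label: "TrustCor RootCert CA-1"
-----BEGIN CERTIFICATE-----
MIIBPLACEHOLDERBODYNOTAREALCERTIFICATE
-----END CERTIFICATE-----
"""

if __name__ == "__main__":
    # Usage: python check_certifi.py [path/to/cacert.pem]
    result = audit(sys.argv[1] if len(sys.argv) > 1 else None)
    if result["version"] is None and not result["bundle"]:
        print("certifi is not installed; pass a bundle path to scan it")
        print("sample bundle scan:", find_roots(SAMPLE_BUNDLE))
    else:
        print(f"certifi version: {result['version']} (patched: {result['patched']})")
        print(f"bundle: {result['bundle']}")
        print("TrustCor roots present:", result["trustcor_roots"] or "none")
```

Running the script against each virtual environment (or pointing it at the bundle a deployment actually loads, which may be a vendored copy rather than certifi's) covers the case the version check alone misses: a pinned or copied cacert.pem that predates the 2022.12.07 removal.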

Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2022-01-19T21:23:53.763Z
CISA Enriched: true

Threat ID: 682d9846c4522896dcbf4c83

Added to database: 5/21/2025, 9:09:26 AM

Last enriched: 6/22/2025, 12:50:33 PM

Last updated: 8/8/2025, 10:38:45 AM
