
CVE-2024-45235: n/a

High
Tags: Vulnerability, CVE-2024-45235
Published: Sat Aug 24 2024 (08/24/2024, 00:00:00 UTC)
Source: CVE Database V5

Description

An issue was discovered in Fort before 1.6.3. A malicious RPKI repository that descends from a (trusted) Trust Anchor can serve (via rsync or RRDP) a resource certificate containing an Authority Key Identifier extension that lacks the keyIdentifier field. Fort references this pointer without sanitizing it first. Because Fort is an RPKI Relying Party, a crash can lead to Route Origin Validation unavailability, which can lead to compromised routing.

AI-Powered Analysis

Last updated: 11/03/2025, 21:47:04 UTC

Technical Analysis

CVE-2024-45235 is a vulnerability identified in Fort, an RPKI Relying Party software used for validating Route Origin Authorizations (ROAs) in the Resource Public Key Infrastructure (RPKI) system. The issue arises when Fort processes resource certificates served by a malicious RPKI repository that is descended from a trusted Trust Anchor. Specifically, the malicious repository can provide a resource certificate containing an Authority Key Identifier (AKI) extension that lacks the keyIdentifier field, which is normally expected. Fort dereferences this pointer without proper validation or sanitization, leading to a null pointer dereference (CWE-476) and causing the software to crash. Since Fort is responsible for Route Origin Validation, its crash results in unavailability of this critical security function. Without Route Origin Validation, routers may accept invalid or malicious BGP route announcements, potentially leading to route hijacking, traffic interception, or denial of service. The vulnerability has a CVSS v3.1 base score of 7.5, reflecting a network attack vector with no privileges or user interaction required, and a high impact on availability. Although no exploits are known in the wild, the vulnerability poses a significant risk to the stability and security of Internet routing infrastructure relying on Fort. No patch link is listed, but the description gives versions before 1.6.3 as affected, so updating to Fort 1.6.3 or later is expected to address the issue by properly sanitizing the AKI extension data before dereferencing. Organizations using Fort for RPKI validation should prioritize remediation to prevent potential routing disruptions.
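The check that the analysis above says was missing can be sketched as follows. This is an added example, not Fort's code: the function names, status codes and sample bytes are hypothetical. It relies on RFC 5280 making every AKI field optional (so a decoder can legitimately hand back no keyIdentifier) and on RFC 6487 requiring resource certificates to carry a 20-byte keyIdentifier and nothing else.

```c
#include <stddef.h>
#include <string.h>
#define KEYID_LEN 20 /* SHA-1 key identifier length used by RPKI certificates */

enum aki_status { AKI_OK, AKI_MALFORMED, AKI_NO_KEYID, AKI_EXTRA_FIELD,
                  AKI_BAD_LENGTH, AKI_MISMATCH };

/* Constructed sample extension bodies (not taken from any real repository). */
static const unsigned char SAMPLE_EMPTY_AKI[] = { 0x30, 0x00 };
static const unsigned char SAMPLE_SERIAL_ONLY[] = { 0x30, 0x03, 0x82, 0x01, 0x05 };

/* AuthorityKeyIdentifier ::= SEQUENCE { keyIdentifier [0] OPTIONAL,
 * authorityCertIssuer [1] OPTIONAL, authorityCertSerialNumber [2] OPTIONAL }.
 * Handles short-form DER lengths only, which covers a 20-byte key id.
 * *keyid is non-NULL only when AKI_OK is returned. */
enum aki_status aki_get_keyid(const unsigned char *der, size_t len,
                              const unsigned char **keyid)
{
    const unsigned char *p, *end, *found = NULL;
    *keyid = NULL;
    if (!der || len < 2 || der[0] != 0x30 || der[1] >= 0x80 || (size_t)der[1] != len - 2)
        return AKI_MALFORMED;
    for (p = der + 2, end = der + len; p < end; p += 2 + p[1]) {
        if (end - p < 2 || p[1] >= 0x80 || (size_t)(end - p - 2) < p[1])
            return AKI_MALFORMED;
        if (p[0] != 0x80)            /* only [0] keyIdentifier is accepted */
            return AKI_EXTRA_FIELD;
        if (found)
            return AKI_MALFORMED;    /* duplicate field */
        if (p[1] != KEYID_LEN)
            return AKI_BAD_LENGTH;
        found = p + 2;
    }
    if (!found)
        return AKI_NO_KEYID;         /* the case behind CVE-2024-45235 */
    *keyid = found;
    return AKI_OK;
}

/* Compare a child's AKI with the parent's Subject Key Identifier. */
enum aki_status aki_check(const unsigned char *der, size_t len,
                          const unsigned char parent_ski[KEYID_LEN])
{
    const unsigned char *keyid;
    enum aki_status st = aki_get_keyid(der, len, &keyid);
    if (st != AKI_OK)
        return st;                   /* reject the object instead of crashing */
    return memcmp(keyid, parent_ski, KEYID_LEN) ? AKI_MISMATCH : AKI_OK;
}
```

A validator that gets any status other than `AKI_OK` should reject that certificate and continue with the rest of the repository, so one malformed object cannot take Route Origin Validation offline.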

Potential Impact

For European organizations, the impact of CVE-2024-45235 can be substantial, particularly for ISPs, network operators, and critical infrastructure providers that depend on Fort for RPKI-based Route Origin Validation. The crash caused by processing malformed certificates leads to unavailability of route validation, increasing the risk of accepting invalid BGP route announcements. This can result in traffic interception, route hijacking, or denial of service attacks, undermining network reliability and security. Given Europe's dense and interconnected internet infrastructure, disruptions in routing validation can cascade, affecting multiple downstream networks and services. Critical sectors such as finance, government, telecommunications, and energy that rely on stable and secure routing may experience service degradation or outages. Furthermore, the vulnerability could be exploited by threat actors aiming to disrupt European internet traffic or conduct espionage by manipulating routing paths. Although no known exploits exist yet, the ease of exploitation (no authentication or user interaction required) and the high availability impact make this a pressing concern for European network operators.

Mitigation Recommendations

1. Upgrade Fort to version 1.6.3 or later as soon as the patch is released to ensure proper sanitization of the Authority Key Identifier extension and prevent crashes.
2. Implement monitoring and alerting on Fort instances to detect crashes or abnormal behavior related to RPKI validation processes.
3. Validate and audit RPKI repositories and Trust Anchors to detect and block repositories serving malformed or suspicious resource certificates.
4. Employ redundancy in RPKI validation infrastructure to maintain Route Origin Validation availability even if one validator crashes.
5. Coordinate with upstream providers and RPKI repository maintainers to ensure repository integrity and timely updates.
6. Consider deploying additional RPKI validators from different vendors as a fallback to reduce single points of failure.
7. Stay informed through security advisories from Fort developers and RPKI community to apply updates promptly.


Technical Details

Data Version: 5.2
Assigner Short Name: mitre
Date Reserved: 2024-08-24T00:00:00.000Z
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 6909214ffe7723195e054679

Added to database: 11/3/2025, 9:40:31 PM

Last enriched: 11/3/2025, 9:47:04 PM

Last updated: 11/5/2025, 1:58:51 PM
