
CVE-2025-58359: CWE-325: Missing Cryptographic Step in ZcashFoundation frost

Medium
Published: Thu Sep 04 2025 (09/04/2025, 23:50:45 UTC)
Source: CVE Database V5
Vendor/Project: ZcashFoundation
Product: frost

Description

ZF FROST is a Rust implementation of FROST (Flexible Round-Optimised Schnorr Threshold signatures). In versions 2.0.0 through 2.1.0, refreshing shares with a smaller min_signers reduces the security of the group. The inability to change min_signers (i.e. the threshold) with the refresh share functionality (frost_core::keys::refresh module) was not made clear to users. Using a smaller value would not decrease the threshold, and attempts to sign using the smaller threshold would fail. Additionally, after refreshing the shares with a smaller threshold, it would still be possible to sign with the original threshold, potentially causing a security loss to the participants' shares. This issue is fixed in version 2.2.0.

AI-Powered Analysis

Last updated: 09/05/2025, 16:10:26 UTC

Technical Analysis

CVE-2025-58359 is a medium-severity vulnerability affecting versions 2.0.0 through 2.1.0 of ZF FROST, a Rust implementation of the Flexible Round-Optimised Schnorr Threshold (FROST) signature scheme developed by the Zcash Foundation. The vulnerability arises from a missing cryptographic step related to the refresh share functionality within the frost_core::keys::refresh module. Specifically, the implementation does not allow the threshold parameter (min_signers) to be effectively lowered when refreshing shares. Although users might attempt to reduce the threshold to require fewer signers for signature generation, the system does not enforce this change; signing attempts with a smaller threshold fail, but signing with the original threshold remains possible. This discrepancy can lead to a security loss because participants' shares may be exposed or weakened if the threshold is misunderstood or misused. The core issue is a lack of clarity and enforcement around threshold changes during share refresh operations, which can undermine the intended security guarantees of threshold signatures. The vulnerability is fixed in version 2.2.0 of the library. The CVSS 4.0 score is 6.0 (medium), reflecting network attack vector, low attack complexity, partial authentication required, no user interaction, and high impact on confidentiality but no impact on integrity or availability. No known exploits are reported in the wild as of the publication date.
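The behaviour the Description and Technical Analysis describe (a refresh built for a smaller min_signers leaves the original threshold in force, so signing with the smaller threshold fails while the original threshold still works) follows from the Shamir arithmetic underneath FROST. The following is an added example over a toy prime field, not ZF FROST code; the constants are constructed, and the `refresh_checked` guard is illustrative rather than the library's actual fix.

```rust
// Added example, not ZF FROST code: Shamir shares over a toy prime field, used to
// show why a refresh polynomial built for a smaller min_signers does not lower the
// threshold. Constants below are constructed; a real deployment draws them at random.
const P: u64 = 65537; // toy prime; FROST works in the curve's scalar field

fn mul(a: u64, b: u64) -> u64 { (a * b) % P }
fn inv(a: u64) -> u64 { // Fermat inverse, valid because P is prime and a != 0
    let (mut r, mut b, mut e) = (1, a % P, P - 2);
    while e > 0 { if e & 1 == 1 { r = mul(r, b); } b = mul(b, b); e >>= 1; }
    r
}
/// Evaluate a polynomial (coefficients low to high) at x; coeffs[0] is the secret.
fn eval(coeffs: &[u64], x: u64) -> u64 {
    coeffs.iter().rev().fold(0, |acc, &c| (mul(acc, x) + c) % P)
}
/// Shares for participants x = 1..=n; the threshold is coeffs.len().
fn deal(coeffs: &[u64], n: u64) -> Vec<(u64, u64)> {
    (1..=n).map(|x| (x, eval(coeffs, x))).collect()
}
/// Lagrange interpolation at 0 over the given shares.
fn reconstruct(shares: &[(u64, u64)]) -> u64 {
    shares.iter().fold(0, |acc, &(xi, yi)| {
        let l = shares.iter().filter(|&&(xj, _)| xj != xi)
            .fold(1, |l, &(xj, _)| mul(l, mul(xj, inv((xj + P - xi) % P))));
        (acc + mul(yi, l)) % P
    })
}
/// Proactive refresh: add a zero-constant polynomial to every share. The resulting
/// threshold is max(old, zero_poly.len()), never smaller, which is the root of the bug.
fn refresh(shares: &[(u64, u64)], zero_poly: &[u64]) -> Vec<(u64, u64)> {
    shares.iter().map(|&(x, y)| (x, (y + eval(zero_poly, x)) % P)).collect()
}
/// Guard a caller would want (illustrative, not the library's fix): reject a refresh
/// polynomial whose implied threshold differs from the group's min_signers.
fn refresh_checked(shares: &[(u64, u64)], zero_poly: &[u64], min_signers: usize)
    -> Result<Vec<(u64, u64)>, &'static str> {
    if zero_poly.first() != Some(&0) { return Err("refresh polynomial must have zero constant term"); }
    if zero_poly.len() != min_signers { return Err("refresh cannot change min_signers"); }
    Ok(refresh(shares, zero_poly))
}
/// Returns (secret, what 2 refreshed shares yield, what 3 refreshed shares yield).
fn demo() -> (u64, u64, u64) {
    let secret = 1234;
    let shares = deal(&[secret, 77, 5], 5);     // 3-of-5 group
    let refreshed = refresh(&shares, &[0, 9]);  // caller "asked for" 2-of-5
    (secret, reconstruct(&refreshed[..2]), reconstruct(&refreshed[..3]))
}
```

Two refreshed shares interpolate a line through points of a quadratic and miss the secret, which is why signing with the smaller threshold fails, while three shares still recover it exactly, which is why the original threshold keeps working.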

Potential Impact

For European organizations leveraging ZF FROST for cryptographic operations, particularly those relying on threshold signatures for securing multi-party authorization or distributed key management, this vulnerability could weaken the security model. An attacker or malicious insider with partial access could exploit the misunderstanding or misuse of the threshold parameter to reduce the effective security threshold, potentially enabling unauthorized signing or key compromise. This could lead to unauthorized transactions, data signing, or other cryptographic operations being performed without the intended quorum, undermining trust in critical systems such as blockchain infrastructures, secure communications, or financial services. Given the high confidentiality impact, sensitive cryptographic keys or signatures could be exposed or forged. However, the requirement for partial authentication and the absence of user interaction reduce the likelihood of widespread exploitation. The lack of known exploits suggests limited active threat but does not preclude targeted attacks. Organizations in sectors such as finance, blockchain technology, and secure communications in Europe should be particularly vigilant.

Mitigation Recommendations

European organizations using ZF FROST should immediately upgrade to version 2.2.0 or later, where the vulnerability is fixed. Prior to upgrading, they should audit their use of the refresh share functionality to ensure that threshold parameters have not been improperly lowered or misconfigured. Implement strict operational procedures and code reviews around threshold changes to prevent misuse. Additionally, organizations should monitor cryptographic operations for anomalies indicating unauthorized signing attempts or threshold misuse. Where possible, implement multi-factor authentication and enhanced logging around key management operations. For critical deployments, consider additional cryptographic safeguards or alternative threshold signature implementations until the patch is applied. Engage with the Zcash Foundation or maintainers for guidance on secure upgrade paths and best practices. Finally, conduct security awareness training for developers and operators on the nuances of threshold signature schemes and the importance of correct parameter management.


Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2025-08-29T16:19:59.010Z
Cvss Version: 4.0
State: PUBLISHED

Threat ID: 68bb0b63cc26dbd53247d4ad

Added to database: 9/5/2025, 4:10:11 PM

Last enriched: 9/5/2025, 4:10:26 PM

Last updated: 9/5/2025, 4:10:35 PM
