DEV Community

CVE Reports
CVE Reports

Posted on • Originally published at cvereports.com

CVE-2026-22696: Trust Me, Bro: Breaking Intel SGX Attestation in dcap-qvl

#security #cve #cybersecurity

Trust Me, Bro: Breaking Intel SGX Attestation in dcap-qvl

Vulnerability ID: CVE-2026-22696
CVSS Score: 8.2
Published: 2026-01-26

A critical lapse in the verification logic of the Phala Network 'dcap-qvl' library allowed attackers to bypass Intel SGX/TDX remote attestation. By failing to cryptographically verify the Quoting Enclave (QE) Identity collateral and neglecting to enforce attribute policies, the library accepted forged quotes from malicious or debug enclaves as valid hardware-backed proofs.

TL;DR

The dcap-qvl library, used to verify Intel SGX quotes, trusted the 'Quoting Enclave Identity' metadata without verifying its digital signature. It also failed to cross-reference the actual Quoting Enclave's attributes against this identity. This allowed attackers to forge a chain of trust using self-signed metadata and malicious enclaves, completely compromising the confidentiality guarantees of the system.

⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-347
  • CWE Name: Improper Verification of Cryptographic Signature
  • Attack Vector: Network
  • Impact: Critical (Total Loss of Confidentiality/Integrity)
  • CVSS v3.1: 8.2 (High)
  • Exploit Status: PoC / Functional

Affected Systems

  • dcap-qvl (Rust Library)
  • @phala/dcap-qvl (Node.js/JS Wrapper)
  • Systems relying on Phala Network's attestation primitives prior to Jan 2026
  • dcap-qvl: < 0.3.9 (Fixed in: 0.3.9)
  • @phala/dcap-qvl: < 0.3.9 (Fixed in: 0.3.9)

Code Analysis

Commit: 0ea1735

Integration of RustCrypto crates for signature verification

+ use p256::ecdsa::{Signature, VerifyingKey};
Enter fullscreen mode Exit fullscreen mode

Commit: 7fe54ae

Fix SVN array comparison logic

- if self.svn < other.svn
+ if self.svn.iter().zip(&other.svn).any(|(a, b)| a < b)
Enter fullscreen mode Exit fullscreen mode

Exploit Details

  • Manual Analysis: Exploitation involves creating a JSON file with modified MRSIGNER and using a debug enclave to sign the Quote.

Mitigation Strategies

  • Upgrade to the latest version of the verification library immediately.
  • Ensure your attestation policy explicitly rejects Debug enclaves.
  • Verify that your dependency tree pulls in the patched cryptographic backends (p256, ecdsa).

Remediation Steps:

  1. Update dcap-qvl (Rust) to version >= 0.3.9
  2. Update @phala/dcap-qvl (JS) to the latest release
  3. Re-build the application to ensure Cargo.lock updates are applied.

References

Read the full report for CVE-2026-22696 on our website for more details including interactive diagrams and full exploit analysis.

Top comments (0)