Endpoint/Device Security, Vulnerability Management

Aptos Move VM bug identified

Share
Newly emergent blockchain network Aptos, which had its mainnet only launched last week, has been impacted by an already-patched flaw in its Move Virtual Machine, which could be exploited to facilitate a denial-of-service condition, reports The Hacker News. Numen Cyber Labs researchers discovered that the vulnerability stems from an issue in the Move programming language's verification module used for bytecode instruction validation before MoveVM execution. Attackers could exploit the integer overflow bug in the stack-based Web3 programming language to prompt Aptos nodes to crash, according to the report. "Since this vulnerability occurs in the Move execution module, for nodes on the chain, if the bytecode code is executed, it will cause a DoS attack. In severe cases, the Aptos network can be completely stopped, which will cause incalculable damage, and have a serious impact on the stability of the node," said Numen Cyber Labs.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.