CVE-2025-27587
OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Minerva attack, exploitable by measuring the time of signing of random messages using the EVP_DigestSign API, and then using the private key to extract the K value (nonce) from the signatures. Next, based on the bit size of the extracted nonce, one can compare the signing time of full-sized nonces to signatures that used smaller nonces, via statistical tests. There is a side-channel in the P-364 curve that allows private key extraction (also, there is a dependency between the bit size of K and the size of the side channel). NOTE: This CVE is disputed because the OpenSSL security policy explicitly notes that any side channels which require same physical system to be detected are outside of the threat model for the software. The timing signal is so small that it is infeasible to be detected without having the attacking process running on the same physical system.
We have discovered 62,861 live websites that are affected by CVE-2025-27587.
Affected Software
| Product |  OpenSSL |
| Category | Web Server Extensions |
| Vulnerable Domains | 62,861 live websites (12% of OpenSSL install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 37 versions ( 57% of all versions) |
Details
- Published - Jun 16, 2025
- Updated - Jun 26, 2025
CVE References
Website Distribution by Country
Number of websites using CVE-2025-27587 United States | 20,874 websites |
 Germany | 6,275 websites |
 GB | 3,692 websites |
 France | 3,633 websites |
 Japan | 3,450 websites |
 Canada | 1,849 websites |
 Netherlands | 1,778 websites |
 Italy | 1,615 websites |
 Czech Republic | 1,421 websites |
 Singapore | 1,394 websites |
Website Distribution by TLD
Number of websites using CVE-2025-27587| .com | 23,429 websites |
| .org | 4,012 websites |
| .de | 3,115 websites |
| .net | 3,108 websites |
| .co.uk | 1,795 websites |
| .jp | 1,688 websites |
| .edu | 1,365 websites |
| .it | 1,296 websites |
| .ca | 1,220 websites |
| .cz | 1,167 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2025-27587
Top websites that are affected by CVE-2025-27587. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ***********.com | United States | *,*** | |
| ***.***********.com | United States | *,*** | |
| *******.com | United States | *,*** | |
| *******.org | Germany | *,*** | |
| ***.***********.com | *,*** | ||
| ***.***********.com | *,*** | ||
| *******.org |  China | *,*** | |
| ***************.org | United States | *,*** | |
| *******.info | Singapore | *,*** | |
| ***.***********.com | United States | **,*** |