Vulnerability in OpenSSL can allow attackers to change an application’s behavior
The vulnerability ties the decryption of SM2 encrypted data, the changes depend on the targeted application and data it maintains (i.e. credentials) in the heap while the issue is exploited.