CVE-2020-11684 in AT91bootstrapinformazioni

Riassunto

di MITRE

AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory before passing control to a less privileged software component. This can be exploited to disclose these keys and subsequently encrypt and sign the next boot stage (such as the bootloader).

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

10/04/2020

Moderazione

accettato

Voce

VDB-161181

CPE

pronto

CWE

CWE-326 (confermato)

CVSS

9.1 (NVD)

EPSS

0.01077

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-11684
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-11684
CVE Details	https://www.cvedetails.com/cve/CVE-2020-11684/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!