CVE-2020-27208 in Soloinformazioni

Riassunto

di MITRE • 21/05/2021

The flash read-out protection (RDP) level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token. This allows an adversary to downgrade the RDP level and access secrets such as private ECC keys from SRAM via the debug interface.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Prenotare

19/10/2020

Divulgazione

21/05/2021

Moderazione

accettato

CPE

pronto

EPSS

0.00328

KEV

no

Attività

molto basso

Fonti

Want to stay up to date on a daily basis?

Enable the mail alert feature now!