Lucene search

[email protected]CVE-2020-12788

HistorySep 14, 2020 - 2:15 p.m.

CVE-2020-12788

2020-09-1414:15:10

CWE-203

[email protected]

web.nvd.nist.gov

cve-2020-12788

cmac

verification

vulnerability

microchip

atmel

atsama5

timing analysis

power analysis

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.9%

JSON

CMAC verification functionality in Microchip Atmel ATSAMA5 products is vulnerable to vulnerable to timing and power analysis attacks.

Affected configurations

NVD

Node

microchipatsama5d21c-cu_firmwareMatch-

AND

microchipatsama5d21c-cuMatch-

Node

microchipatsama5d21c-cur_firmwareMatch-

AND

microchipatsama5d21c-curMatch-

Node

microchipatsama5d22c-cn_firmwareMatch-

AND

microchipatsama5d22c-cnMatch-

Node

microchipatsama5d22c-cnr_firmwareMatch-

AND

microchipatsama5d22c-cnrMatch-

Node

microchipatsama5d22c-cu_firmwareMatch-

AND

microchipatsama5d22c-cuMatch-

Node

microchipatsama5d22c-cur_firmwareMatch-

AND

microchipatsama5d22c-curMatch-

Node

microchipatsama5d23c-cn_firmwareMatch-

AND

microchipatsama5d23c-cnMatch-

Node

microchipatsama5d23c-cnr_firmwareMatch-

AND

microchipatsama5d23c-cnrMatch-

Node

microchipatsama5d23c-cu_firmwareMatch-

AND

microchipatsama5d23c-cuMatch-

Node

microchipatsama5d23c-cur_firmwareMatch-

AND

microchipatsama5d23c-curMatch-

Node

microchipatsama5d24c-cu_firmwareMatch-

AND

microchipatsama5d24c-cuMatch-

Node

microchipatsama5d24c-cuf_firmwareMatch-

AND

microchipatsama5d24c-cufMatch-

Node

microchipatsama5d24c-cur_firmwareMatch-

AND

microchipatsama5d24c-curMatch-

Node

microchipatsama5d26c-cn_firmwareMatch-

AND

microchipatsama5d26c-cnMatch-

Node

microchipatsama5d26c-cnr_firmwareMatch-

AND

microchipatsama5d26c-cnrMatch-

Node

microchipatsama5d26c-cu_firmwareMatch-

AND

microchipatsama5d26c-cuMatch-

Node

microchipatsama5d26c-cur_firmwareMatch-

AND

microchipatsama5d26c-curMatch-

Node

microchipatsama5d27c-cn_firmwareMatch-

AND

microchipatsama5d27c-cnMatch-

Node

microchipatsama5d27c-cnr_firmwareMatch-

AND

microchipatsama5d27c-cnrMatch-

Node

microchipatsama5d27c-cu_firmwareMatch-

AND

microchipatsama5d27c-cuMatch-

Node

microchipatsama5d27c-cur_firmwareMatch-

AND

microchipatsama5d27c-curMatch-

Node

microchipatsama5d28c-cn_firmwareMatch-

AND

microchipatsama5d28c-cnMatch-

Node

microchipatsama5d28c-cnr_firmwareMatch-

AND

microchipatsama5d28c-cnrMatch-

Node

microchipatsama5d28c-cu_firmwareMatch-

AND

microchipatsama5d28c-cuMatch-

Node

microchipatsama5d28c-cur_firmwareMatch-

AND

microchipatsama5d28c-curMatch-

Node

microchipatsama5d27c-cnvao_firmwareMatch-

AND

microchipatsama5d27c-cnvaoMatch-

Node

microchipatsama5d27c-cnrvao_firmwareMatch-

AND

microchipatsama5d27c-cnrvaoMatch-

Node

microchipatsama5d225c-d1m-cur_firmwareMatch-

AND

microchipatsama5d225c-d1m-curMatch-

Node

microchipatsama5d27c-d5m-cu_firmwareMatch-

AND

microchipatsama5d27c-d5m-cuMatch-

Node

microchipatsama5d27c-d5m-cur_firmwareMatch-

AND

microchipatsama5d27c-d5m-curMatch-

Node

microchipatsama5d27c-d1g-cu_firmwareMatch-

AND

microchipatsama5d27c-d1g-cuMatch-

Node

microchipatsama5d27c-d1g-cur_firmwareMatch-

AND

microchipatsama5d27c-d1g-curMatch-

Node

microchipatsama5d28c-d1g-cu_firmwareMatch-

AND

microchipatsama5d28c-d1g-cuMatch-

Node

microchipatsama5d28c-d1g-cur_firmwareMatch-

AND

microchipatsama5d28c-d1g-curMatch-

Node

microchipatsama5d27c-ld1g-cu_firmwareMatch-

AND

microchipatsama5d27c-ld1g-cuMatch-

Node

microchipatsama5d27c-ld1g-cur_firmwareMatch-

AND

microchipatsama5d27c-ld1g-curMatch-

Node

microchipatsama5d27c-ld2g-cu_firmwareMatch-

AND

microchipatsama5d27c-ld2g-cuMatch-

Node

microchipatsama5d27c-ld2g-cur_firmwareMatch-

AND

microchipatsama5d27c-ld2g-curMatch-

Node

microchipatsama5d28c-ld1g-cu_firmwareMatch-

AND

microchipatsama5d28c-ld1g-cuMatch-

Node

microchipatsama5d28c-ld1g-cur_firmwareMatch-

AND

microchipatsama5d28c-ld1g-curMatch-

Node

microchipatsama5d28c-ld2g-cu_firmwareMatch-

AND

microchipatsama5d28c-ld2g-cuMatch-

Node

microchipatsama5d28c-ld2g-cur_firmwareMatch-

AND

microchipatsama5d28c-ld2g-curMatch-

Node

microchipatsama5d27-wlsom1_firmwareMatch-

AND

microchipatsama5d27-wlsom1Match-

Node

microchipatsama5d27-som1_firmwareMatch-

AND

microchipatsama5d27-som1Match-

Node

microchipatsama5d31a-cu_firmwareMatch-

AND

microchipatsama5d31a-cuMatch-

Node

microchipatsama5d31a-cur_firmwareMatch-

AND

microchipatsama5d31a-curMatch-

Node

microchipatsama5d31a-cfu_firmwareMatch-

AND

microchipatsama5d31a-cfuMatch-

Node

microchipatsama5d31a-cfur_firmwareMatch-

AND

microchipatsama5d31a-cfurMatch-

Node

microchipatsama5d33a-cu_firmwareMatch-

AND

microchipatsama5d33a-cuMatch-

Node

microchipatsama5d33a-cur_firmwareMatch-

AND

microchipatsama5d33a-curMatch-

Node

microchipatsama5d34a-cu_firmwareMatch-

AND

microchipatsama5d34a-cuMatch-

Node

microchipatsama5d34a-cur_firmwareMatch-

AND

microchipatsama5d34a-curMatch-

Node

microchipatsama5d35a-cu_firmwareMatch-

AND

microchipatsama5d35a-cuMatch-

Node

microchipatsama5d35a-cur_firmwareMatch-

AND

microchipatsama5d35a-curMatch-

Node

microchipatsama5d35a-cn_firmwareMatch-

AND

microchipatsama5d35a-cnMatch-

Node

microchipatsama5d35a-cnr_firmwareMatch-

AND

microchipatsama5d35a-cnrMatch-

Node

microchipatsama5d36a-cu_firmwareMatch-

AND

microchipatsama5d36a-cuMatch-

Node

microchipatsama5d36a-cur_firmwareMatch-

AND

microchipatsama5d36a-curMatch-

Node

microchipatsama5d36a-cn_firmwareMatch-

AND

microchipatsama5d36a-cnMatch-

Node

microchipatsama5d36a-cnr_firmwareMatch-

AND

microchipatsama5d36a-cnrMatch-

Node

microchipatsama5d41a-cu_firmwareMatch-

AND

microchipatsama5d41a-cuMatch-

Node

microchipatsama5d41a-cur_firmwareMatch-

AND

microchipatsama5d41a-curMatch-

Node

microchipatsama5d41b-cu_firmwareMatch-

AND

microchipatsama5d41b-cuMatch-

Node

microchipatsama5d41b-curMatch-

AND

microchipatsama5d41b-cur_firmwareMatch-

Node

microchipatsama5d42a-cuMatch-

AND

microchipatsama5d42a-cu_firmwareMatch-

Node

microchipatsama5d42a-curMatch-

AND

microchipatsama5d42a-cur_firmwareMatch-

Node

microchipatsama5d42b-cuMatch-

AND

microchipatsama5d42b-cu_firmwareMatch-

Node

microchipatsama5d42b-curMatch-

AND

microchipatsama5d42b-cur_firmwareMatch-

Node

microchipatsama5d43a-cuMatch-

AND

microchipatsama5d43a-cu_firmwareMatch-

Node

microchipatsama5d43a-curMatch-

AND

microchipatsama5d43a-cur_firmwareMatch-

Node

microchipatsama5d43b-cuMatch-

AND

microchipatsama5d43b-cu_firmwareMatch-

Node

microchipatsama5d43b-cur_firmwareMatch-

AND

microchipatsama5d43b-curMatch-

Node

microchipatsama5d44a-cu_firmwareMatch-

AND

microchipatsama5d44a-cuMatch-

Node

microchipatsama5d44a-cur_firmwareMatch-

AND

microchipatsama5d44a-curMatch-

Node

microchipatsama5d44b-cu_firmwareMatch-

AND

microchipatsama5d44b-cuMatch-

Node

microchipatsama5d44b-cur_firmwareMatch-

AND

microchipatsama5d44b-curMatch-

CPENameOperatorVersion
microchip:atsama5d21c-cu_firmwaremicrochip atsama5d21c-cu firmwareeq-

CPE	Name	Operator	Version
microchip:atsama5d21c-cu_firmware	microchip atsama5d21c-cu firmware	eq	-

References

labs.f-secure.com/advisories/microchip-atsama5-soc-multiple-vulnerabilities/

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.9%

JSON

Related for CVE-2020-12788

cvelist1 nvd1 prion1