Lucene search
CertccCVELIST:CVE-2017-13091HistoryJul 13, 2018 - 8:00 p.m.
CVE-2017-13091 The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle
2018-07-1320:00:00
CWE-310
certcc
www.cve.org
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
CNA Affected
[
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
]Related
cve
cve
CVE-2017-13091
2018-07-13 20:29:02
prion
prion
Code injection
2018-07-13 20:29:00
nvd
nvd
CVE-2017-13091
2018-07-13 20:29:02
threatpost
threatpost
US-CERT Warns of Crypto Bugs in IEEE Standard
2017-11-06 13:15:48
cert
cert
IEEE P1735 implementations may have weak cryptographic protections
2017-11-03 00:00:00
thn
thn
IEEE P1735 Encryption Is BrokenโFlaws Allow Intellectual Property Theft
2017-11-06 23:31:00