2.1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
54.4%
Werner Koch reports:
CVE-2013-4576 has been assigned to this security bug.
The paper describes two attacks. The first attack allows
to distinguish keys: An attacker is able to notice which key is
currently used for decryption. This is in general not a problem but
may be used to reveal the information that a message, encrypted to a
commonly not used key, has been received by the targeted machine. We
do not have a software solution to mitigate this attack.
The second attack is more serious. It is an adaptive
chosen ciphertext attack to reveal the private key. A possible
scenario is that the attacker places a sensor (for example a standard
smartphone) in the vicinity of the targeted machine. That machine is
assumed to do unattended RSA decryption of received mails, for example
by using a mail client which speeds up browsing by opportunistically
decrypting mails expected to be read soon. While listening to the
acoustic emanations of the targeted machine, the smartphone will send
new encrypted messages to that machine and re-construct the private
key bit by bit. A 4096 bit RSA key used on a laptop can be revealed
within an hour.