507 matches found
Google Asylo Buffer Error Vulnerability
Google Asylo is a framework for developing trusted applications from Google Inc. in the United States. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation. A buffer error vulnerability exists in Google Asylo version 0.6.0 and...
Google Asylo Buffer Error Vulnerability
Google Asylo is a framework for developing trusted applications from Google Inc. in the United States. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation. Google Asylo version 0.6.0 suffers from a buffer error vulnerability...
Google Asylo Buffer Error Vulnerability
Google Asylo is a framework for developing trusted applications from Google Inc. in the United States. The software supports the creation of a trusted execution environment, including software isolation and hardware isolation. A security vulnerability exists in Google Asylo version 0.6.0 and...
hw: Information disclosure issue in Intel SGX via RAPL interface
A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...
CVE-2020-29438
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip...
CVE-2020-29438
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip...
Code injection
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip...
CVE-2020-29438
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a secure enclave chip...
CVE-2020-29438
CVE-2020-29438 affects Tesla Model X key fob firmware prior to 2020-11-23. The vulnerability arises because key fobs accept firmware updates without signature verification, enabling an attacker to craft firmware that retrieves an unlock code from a secure enclave chip. Documents consistently desc...
Tesla Model X Data Falsification Issue Vulnerability
Tesla The Tesla Model X is a new energy vehicle from the American company Tesla. Tesla Model X vehicles versions prior to 2020-11-23 suffer from a security vulnerability that stems from having critical fobs that can accept firmware updates without signature verification.This allows an attacker to...
hw: Information disclosure issue in Intel SGX via RAPL interface
A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...
hw: Information disclosure issue in Intel SGX via RAPL interface
A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...
hw: Information disclosure issue in Intel SGX via RAPL interface
A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...
hw: Information disclosure issue in Intel SGX via RAPL interface
A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...
hw: Information disclosure issue in Intel SGX via RAPL interface
A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...
Vulnerabilities in processors fixed
Researchers have found vulnerabilities in several processors. The vulnerabilities marked CVE-2020-8694 and CVE-2020-8695 have been named Platypus, an acronym for Power Leakage Attacks: Targeting Your Protected User Secrets. The vulnerabilities allow a local malicious person to obtain obtain...
hw: Information disclosure issue in Intel SGX via RAPL interface
A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...
hw: Information disclosure issue in Intel SGX via RAPL interface
A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem...
CVE-2020-8695
A vulnerability was found in Intel's implementation of RAPL Running Average Power Limit. An attacker with a local account could query the power management functionality to intelligently infer SGX enclave computation values by measuring power usage in the RAPL subsystem. Mitigation Until a firmwar...
Microsoft Open Enclave SDK Information Disclosure Vulnerability (CNVD-2020-64264)
Microsoft Open Enclave SDK is a Microsoft SDK Software Development Kit for building secure zone applications in C and C ++. A security vulnerability exists in Open Enclave versions prior to 0.12.0 that stems from an information disclosure vulnerability that exists when an Enclave application uses...