CVE-2025-9071

Erroneously using an all-zero seed for RSA-OEAP padding instead of the generated random bytes, in Oberon microsystems AG’s Oberon PSA Crypto library in all versions up to 1.5.1, results in deterministic RSA and thus in a loss of confidentiality for guessable messages, recognition of repeated...

CVE-2025-9071 Insecure RSA-OAEP implementation with all-zero seed for padding in Oberon PSA Crypto

Erroneously using an all-zero seed for RSA-OEAP padding instead of the generated random bytes, in Oberon microsystems AG’s Oberon PSA Crypto library in all versions up to 1.5.1, results in deterministic RSA and thus in a loss of confidentiality for guessable messages, recognition of repeated...

CVE-2025-9071

The CVE-2025-9071 entry concerns Oberon Microsystems’ Oberon PSA Crypto library (all versions up to 1.5.1). The root cause is using an all-zero seed for RSA-OEAP padding instead of the generated random bytes, making RSA deterministic. This leads to confidentiality loss for guessable messages, rec...

PT-2025-35197

Name of the Vulnerable Software and Affected Versions: Oberon PSA Crypto Library versions prior to 1.6 Description: The software uses an all-zero seed for RSA-OEAP padding instead of generated random bytes. This results in deterministic RSA, leading to a loss of confidentiality for guessable...