Lucene search
K

17 matches found

Packet Storm News
Packet Storm News
added 2026/05/21 12:0 a.m.12 views

TriSweep: A Four-Drone Swarm Framework for Electromagnetic Side-Channel Analysis

Electromagnetic EM side-channel analysis traditionally assumes a stationary, close-proximity probe - a threat model that underestimates aerial adversaries. TriSweep is a simulation framework that designs and evaluates a four-drone swarm architecture for autonomous standoff EM-SCA of embedded...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/14 12:0 a.m.14 views

Capacitive Touchscreens at Risk: A Practical Side-Channel Attack on Smartphones Via Electromagnetic Emanations

Capacitive touchscreens in modern smartphones introduce severe side-channel vulnerabilities. However, existing attacks often require restrictive conditions or invasive measurements. This paper presents TESLA, a novel, contactless electromagnetic EM side-channel attack that exploits inherent EM...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/12/08 12:0 a.m.5 views

Breaking ECDSA with Electromagnetic Side-Channel Attacks: Challenges and Practicality on Modern Smartphones

Smartphones handle sensitive tasks such as messaging and payment and may soon support critical electronic identification through initiatives such as the European Digital Identity EUDI wallet, currently under development. Yet the susceptibility of modern smartphones to physical side-channel analys...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/14 12:0 a.m.4 views

ShuffleV: A Microarchitectural Defense Strategy against Electromagnetic Side-Channel Attacks in Microprocessors

The run-time electromagnetic EM emanation of microprocessors presents a side-channel that leaks the confidentiality of the applications running on them. Many recent works have demonstrated successful attacks leveraging such side-channels to extract the confidentiality of diverse applications, suc...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.14 views

EUVD-2024-41550

Malicious code in bioql PyPI...

4.2CVSS6.8AI score0.00329EPSS
Exploits0References6
OSV
OSV
added 2024/09/03 8:15 p.m.4 views

CVE-2024-45678

Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...

4.2CVSS5.7AI score0.00329EPSS
Exploits0References6
NVD
NVD
added 2024/09/03 8:15 p.m.41 views

CVE-2024-45678

Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...

4.2CVSS0.00329EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2024/09/03 12:0 a.m.5 views

PT-2024-31724

Name of the Vulnerable Software and Affected Versions: Yubico YubiKey 5 Series devices with firmware before 5.7.0 YubiHSM 2 devices with firmware before 2.4.0 Description: The issue allows an ECDSA secret-key extraction attack that requires physical access and expensive equipment. This attack is...

4.2CVSS5.3AI score0.00329EPSS
Exploits0References19
CNNVD
CNNVD
added 2024/09/03 12:0 a.m.4 views

Yubico YubiKey 5 安全漏洞

Yubico YubiKey 5 is a multi-protocol secure secret key device from Yubico. A security vulnerability exists in Yubico YubiKey 5 versions prior to 5.7.0 and YubiHSM 2 versions prior to 2.4.0, which stems from an electromagnetic side channel due to a non-constant time modulo inversion in the Extende...

4.2CVSS6.3AI score0.00329EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2024/09/03 12:0 a.m.21 views

CVE-2024-45678

Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...

7.1AI score0.00329EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/09/03 12:0 a.m.40 views

CVE-2024-45678

Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...

0.00329EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/06/07 12:0 a.m.21 views

Huawei EulerOS: Security Advisory for nss (EulerOS-SA-2021-1931)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS6.8AI score0.00337EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2021/01/08 4:56 p.m.7 views

New Attack Could Let Hackers Clone Your Google Titan 2FA Security Keys

Hardware security keys—such as those from Google and Yubico—are considered the most secure means to protect accounts from phishing and takeover attacks. But a new research published on Thursday demonstrates how an adversary in possession of such a two-factor authentication 2FA device can clone it...

4.2CVSS6.1AI score0.00196EPSS
Exploits1
The Hacker News
The Hacker News
added 2021/01/08 4:56 p.m.107 views

New Attack Could Let Hackers Clone Your Google Titan 2FA Security Keys

Hardware security keys—such as those from Google and Yubico—are considered the most secure means to protect accounts from phishing and takeover attacks. But a new research published on Thursday demonstrates how an adversary in possession of such a two-factor authentication 2FA device can clone it...

4.2CVSS0.5AI score0.00196EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2020/09/29 10:31 p.m.6 views

nss: ECDSA timing attack mitigation bypass

A flaw was found in nss. Using the EM side-channel, it is possible to extract the position of zero and non-zero wNAF digits while nss-certutil tool performs scalar multiplication during the ECDSA signature generation, leaking partial information about the ECDSA nonce. Given a small number of ECDS...

4.7CVSS7AI score0.00323EPSS
Exploits0References5
Prion
Prion
added 2020/07/09 3:15 p.m.20 views

Design/Logic Flaw

During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secr...

1.2CVSS5.7AI score0.00337EPSS
Exploits0References13Affected Software4
OSV
OSV
added 2020/06/19 12:0 a.m.2 views

UBUNTU-CVE-2020-12402

During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secr...

4.4CVSS7.3AI score0.00337EPSS
Exploits0References5
Rows per page
Query Builder