143 matches found
CVE-2024-31955
An issue was discovered in Samsung eMMC with KLMAG2GE4A and KLM8G1WEMB firmware. Code bypass through Electromagnetic Fault Injection allows an attacker to successfully authenticate and write to the RPMB Replay Protected Memory Block area without possessing secret information...
CVE-2022-42784
A vulnerability has been identified in LOGO! 12/24RCE 6ED1052-1MD08-0BA1 All versions = V8.3, LOGO! 12/24RCEo 6ED1052-2MD08-0BA1 All versions = V8.3, LOGO! 230RCE 6ED1052-1FB08-0BA1 All versions = V8.3, LOGO! 230RCEo 6ED1052-2FB08-0BA1 All versions = V8.3, LOGO! 24CE 6ED1052-1CC08-0BA1 All versio...
SAMSUNG eMMC 安全漏洞
SAMSUNG eMMC is a standard for flash memory cards from Samsung South Korea. A security vulnerability exists in SAMSUNG eMMC versions KLMAG2GE4A and KLM8G1WEMB, which originates from a code bypass via electromagnetic fault injection, which allows an attacker to successfully authenticate and write ...
CVE-2024-31955
An issue was discovered in Samsung eMMC with KLMAG2GE4A and KLM8G1WEMB firmware. Code bypass through Electromagnetic Fault Injection allows an attacker to successfully authenticate and write to the RPMB Replay Protected Memory Block area without possessing secret information...
RAMBO Attack: Electromagnetic Waves Steal Data from Air-Gapped Systems
Discover the RAMBO attack, a groundbreaking method that uses electromagnetic waves to steal data from air-gapped systems. Learn…...
CVE-2024-45678
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...
CVE-2024-45678
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...
Yubico YubiKey 5 安全漏洞
Yubico YubiKey 5 is a multi-protocol secure secret key device from Yubico. A security vulnerability exists in Yubico YubiKey 5 versions prior to 5.7.0 and YubiHSM 2 versions prior to 2.4.0, which stems from an electromagnetic side channel due to a non-constant time modulo inversion in the Extende...
CVE-2024-45678
The CVE-2024-45678 EYCL EAK issue affects Yubico YubiKey 5 Series firmware < 5.7.0 and YubiHSM 2 firmware
CVE-2024-45678
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...
CVE-2024-45678
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...
PT-2024-31724
Name of the Vulnerable Software and Affected Versions: Yubico YubiKey 5 Series devices with firmware before 5.7.0 YubiHSM 2 devices with firmware before 2.4.0 Description: The issue allows an ECDSA secret-key extraction attack that requires physical access and expensive equipment. This attack is...
CVE-2023-51392
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks...
Hardcoded credentials
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks...
CVE-2023-51392 Silicon Labs EFR32xxx parts with classic key storage do not use hardware accelerated AES-CCM
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks...
CVE-2023-51392 Silicon Labs EFR32xxx parts with classic key storage do not use hardware accelerated AES-CCM
Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks...
Side Channels Are Common
Really interesting research: "Lend Me Your Ear: Passive Remote Physical Side Channels on PCs." Abstract: We show that built-in sensors in commodity PCs, such as microphones, inadvertently capture electromagnetic side-channel leakage from ongoing computation. Moreover, this information is often...
Unspecified Vulnerability in Siemens LOGO! BM (Base Module) Devices
Siemens LOGO! BM Base Module devices are used for basic small-scale automation tasks. An unspecified vulnerability exists in the Siemens LOGO! BM Base Module device due to the susceptibility of the affected device to electromagnetic fault injection. An attacker could exploit the vulnerability to...
CVE-2022-42784
A vulnerability has been identified in LOGO! 12/24RCE 6ED1052-1MD08-0BA1 All versions = V8.3, LOGO! 12/24RCEo 6ED1052-2MD08-0BA1 All versions = V8.3, LOGO! 230RCE 6ED1052-1FB08-0BA1 All versions = V8.3, LOGO! 230RCEo 6ED1052-2FB08-0BA1 All versions = V8.3, LOGO! 24CE 6ED1052-1CC08-0BA1 All versio...
CVE-2022-42784
A vulnerability has been identified in LOGO! 12/24RCE 6ED1052-1MD08-0BA1 All versions = V8.3, LOGO! 12/24RCEo 6ED1052-2MD08-0BA1 All versions = V8.3, LOGO! 230RCE 6ED1052-1FB08-0BA1 All versions = V8.3, LOGO! 230RCEo 6ED1052-2FB08-0BA1 All versions = V8.3, LOGO! 24CE 6ED1052-1CC08-0BA1 All versio...