CVE-2017-13097

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. The methods are flawed and, in the most egregious case...

CVE-2017-13094

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP. The methods are flawed and, in the most...

CVE-2017-13091

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods are flawed and, in t...

CVE-2017-13092

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most...

CVE-2017-13096

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most egregious cases,...

CVE-2017-13093

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. The methods are flawed and, in the most egregious cases...

Code injection

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP. The methods are flawed and, in the most...

Code injection

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods are flawed and, in t...

Design/Logic Flaw

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. The methods are flawed and, in the most egregious case...

Design/Logic Flaw

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most egregious cases,...

Code injection

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. The methods are flawed and, in the most egregious cases, enable...

Code injection

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. The methods are flawed and, in the most egregious cases...

CVE-2017-13091 The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods are flawed and, in t...

CVE-2017-13094 The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of the encryption key and insertion of hardware trojans in any IP

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP. The methods are flawed and, in the most...

CVE-2017-13097

CVE-2017-13097 refers to a weakness in the IEEE P1735 standard where an attacker can modify the Rights Block to remove or relax license requirements. The associated CERT/NVD entries describe this as part of a broader set of flaws in P1735 that can enable recovery of plaintext IP and insertion of ...

CVE-2017-13096 The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax access control

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most egregious cases,...

CVE-2017-13097 The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax license requirement

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property IP, as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. The methods are flawed and, in the most egregious case...

CVE-2017-13095

CVE-2017-13095 is a vulnerability in the IEEE P1735 encryption workflow where an attacker can modify a license-deny response to a license grant (or vice versa) within the EDA/tooling workflow. The connected sources describe this as part of the P1735 weaknesses that can enable IP theft or the inse...

CVE-2017-13094

The CVE-2017-13094 entry concerns flaws in the IEEE P1735 cryptographic workflow for encrypting electronic-design IP. The available documents describe that the standard enables manipulation of the encryption key and insertion of hardware trojans into IP, potentially allowing an attacker to recove...

CVE-2017-13092

CVE-2017-13092 involves the IEEE P1735 standard and a flaw in hardware description language (HDL) syntax that can allow an electronic design automation (EDA) tool to act as a decryption oracle. The vulnerability enables recovery of plaintext IP from encrypted designs and may enable insertion of h...