2 matches found
GHSA-F659-372H-6X3X netty-incubator-codec-ohttp's HPKEContext operations may produce empty byte[] on failures
HKDFexpand: returns non-NULL on failure. The byte is filled with zeros and has no way to distinguish success from failure. Since this output is used as HKDF key material for the response AEAD, a failure silently produces an all-zero key. When EVPHPKECTXexport fails it also returns an empty byte...
The vulnerability of the SIMATIC IT UADM software, related to the predictable encryption key, allows a hacker to recover the password and gain access to the TeamCenter station.
The vulnerability of the SIMATIC IT UADM software is related to a predictable encryption key. Exploiting this vulnerability could allow an attacker to retrieve the password and gain access to the TeamCenter station...