3 matches found
CVE-2020-27208
The flash read-out protection RDP level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token. This allows an adversary to downgrade the RDP level and access secrets such as private ECC keys from SRAM via the debug interface...
CVE-2022-42961
An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signatures. These signatures can be processed via ...
openSUSE 15 Security Update : solo (openSUSE-SU-2021:1019-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE-SU-2021:1019-1 advisory. - The flash read-out protection RDP level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 & Somu and the Nitrokey...