6 matches found
CVE-2024-35311
Yubico YubiKey 5 Series before 5.7.0, Security Key Series before 5.7.0, YubiKey Bio Series before 5.6.4, and YubiKey 5 FIPS before 5.7.2 have Incorrect Access Control...
Security Bulletin: A Security Vulnerability was discovered in IBM Security Verify Access (CVE-2024-45678)
Summary A Security Vulnerability was addressed in IBM Security Verify Access regarding Yubico Yubikey 5 Series. Vulnerability Details CVEID:CVE-2024-45678 DESCRIPTION: Yubico YubiKey 5 Series, Security Key Series and YubiHSM 2 could allow a physical attacker to obtain sensitive information, cause...
YubiKeys Are a Security Gold Standard—but They Can Be Cloned
Security researchers have discovered a cryptographic flaw that leaves the YubiKey 5 vulnerable to attack...
CVE-2024-45678
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...
Yubico YubiKey 5 NFC Information Disclosure Vulnerability
Yubico YubiKey 5 NFC is a multi-protocol secret key device supporting NFC Near Field Communication functionality from the Swedish company Yubico. An information disclosure vulnerability exists in the Yubico YubiKey 5 NFC versions 5.0.0 through 5.2.6 and 5.3.0 through 5.3.1. The vulnerability can ...
CVE-2020-15001
An information leak was discovered on Yubico YubiKey 5 NFC devices 5.0.0 to 5.2.6 and 5.3.0 to 5.3.1. The OTP application allows a user to set optional access codes on OTP slots. This access code is intended to prevent unauthorized changes to OTP configurations. The access code is not checked whe...