CVE-2024-45678

Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack that requires physical access and expensive equipment in which an electromagnetic side channel is present because of a non-constant-time modular...

PT-2024-31724

Name of the Vulnerable Software and Affected Versions: Yubico YubiKey 5 Series devices with firmware before 5.7.0 YubiHSM 2 devices with firmware before 2.4.0 Description: The issue allows an ECDSA secret-key extraction attack that requires physical access and expensive equipment. This attack is...

Yubico YubiKey 5 安全漏洞

Yubico YubiKey 5 is a multi-protocol secure secret key device from Yubico. A security vulnerability exists in Yubico YubiKey 5 versions prior to 5.7.0 and YubiHSM 2 versions prior to 2.4.0, which stems from an electromagnetic side channel due to a non-constant time modulo inversion in the Extende...

Yubico YubiKey 5 安全漏洞

Yubico YubiKey 5 is a multi-protocol security secret key device from the Swedish company Yubico. A security vulnerability exists in Yubico YubiKey prior to 5.7.0, Security Key prior to 5.7.0, YubiKey Bio prior to 5.6.4, and YubiKey 5 FIPS prior to 5.7.2, which stems from faulty access control, an...