CVSS: 4.2EPSS: 0%CPEs: 45EXPL: 1CVE-2021-3011
https://notcve.org/view.php?id=CVE-2021-3011
07 Jan 2021 — An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access (and consequently produce a clone). This was demonstrated on the Google Titan Security Key, based on an NXP A7005a chip. Other FIDO U2F security keys are also impacted (Yubico YubiKey Neo and Feitian K9, K13, K21, and K40) as well as several NXP... • https://ninjalab.io/a-side-journey-to-titan • CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2018-16160
https://notcve.org/view.php?id=CVE-2018-16160
15 Nov 2018 — SecureCore Standard Edition Version 2.x allows an attacker to bypass the product 's authentication to log in to a Windows PC. SecureCore Standard Edition en versiones 2.x permite que un atacante omita la autenticación del producto para iniciar sesión en un PC Windows. • http://jvn.jp/en/jp/JVN21528670/index.html • CWE-287: Improper Authentication •