CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2020-24387
https://notcve.org/view.php?id=CVE-2020-24387
An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2. The function does not explicitly check the returned session id from the device. An invalid session id would lead to out-of-bounds read and write operations in the session array. This could be used by an attacker to cause a denial of service attack. Se detectó un problema en la función yh_create_session() de yubihsm-shell versiones hasta 2.0.2. • https://blog.inhq.net/posts/yubico-libyubihsm-vuln https://developers.yubico.com/yubihsm-shell https://github.com/Yubico/yubihsm-shell https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y77KQJW76M3PFOBFLBT6DLH2NWHYRNZO https://www.yubico.com/support/security-advisories/ysa-2020-06 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 1CVE-2020-15001
https://notcve.org/view.php?id=CVE-2020-15001
An information leak was discovered on Yubico YubiKey 5 NFC devices 5.0.0 to 5.2.6 and 5.3.0 to 5.3.1. The OTP application allows a user to set optional access codes on OTP slots. This access code is intended to prevent unauthorized changes to OTP configurations. The access code is not checked when updating NFC specific components of the OTP configurations. This may allow an attacker to access configured OTPs and passwords stored in slots that were not configured by the user to be read over NFC, despite a user having set an access code. • https://www.yubico.com/support/security-advisories/ysa-2020-04 • CWE-862: Missing Authorization •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2020-15000
https://notcve.org/view.php?id=CVE-2020-15000
A PIN management problem was discovered on Yubico YubiKey 5 devices 5.2.0 to 5.2.6. OpenPGP has three passwords: Admin PIN, Reset Code, and User PIN. The Reset Code is used to reset the User PIN, but it is disabled by default. A flaw in the implementation of OpenPGP sets the Reset Code to a known value upon initialization. If the retry counter for the Reset Code is set to non-zero without changing the Reset Code, this known value can be used to reset the User PIN. • https://www.yubico.com/support/security-advisories/ysa-2020-05 •
CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 1CVE-2020-13132
https://notcve.org/view.php?id=CVE-2020-13132
An issue was discovered in Yubico libykpiv before 2.1.0. An attacker can trigger an incorrect free() in the ykpiv_util_generate_key() function in lib/util.c through incorrect error handling code. This could be used to cause a denial of service attack. Se detectó un problema en Yubico libykpiv versiones anteriores a 2.1.0. Un atacante puede desencadenar un free() incorrecto en la función ykpiv_util_generate_key() en la biblioteca lib/util.c por medio de un código de manejo de errores incorrecto. • https://blog.inhq.net/posts/yubico-libykpiv-vuln https://www.yubico.com/support/security-advisories/ysa-2020-02 • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 1CVE-2020-13131
https://notcve.org/view.php?id=CVE-2020-13131
An issue was discovered in Yubico libykpiv before 2.1.0. lib/util.c in this library (which is included in yubico-piv-tool) does not properly check embedded length fields during device communication. A malicious PIV token can misreport the returned length fields during RSA key generation. This will cause stack memory to be copied into heap allocated memory that gets returned to the caller. The leaked memory could include PINs, passwords, key material, and other sensitive information depending on the integration. During further processing by the caller, this information could leak across trust boundaries. • https://blog.inhq.net/posts/yubico-libykpiv-vuln https://www.yubico.com/products/services-software/download/smart-card-drivers-tools • CWE-125: Out-of-bounds Read •