CVE-2019-15809

Severity Score

4.7

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to measure the duration of hundreds to thousands of signing operations, to compute the private key used. The issue occurs because the Atmel Toolbox 00.03.11.05 contains two versions of ECDSA signature functions, described as fast and secure, but the affected cards chose to use the fast version, which leaks the bit length of the random nonce via timing. This affects Athena IDProtect 010b.0352.0005, Athena IDProtect 010e.1245.0002, Athena IDProtect 0106.0130.0401, Athena IDProtect 010e.1245.0002, Valid S/A IDflex V 010b.0352.0005, SafeNet eToken 4300 010e.1245.0002, TecSec Armored Card 010e.0264.0001, and TecSec Armored Card 108.0264.0001.

Se detectó que la corrección para CVE-2014-0114 había sido revertido en JBoss Operations Network 3 (JON). Este fallo permite a atacantes manipular las propiedades de ClassLoader en un servidor vulnerable. Las explotaciones publicadas se basan en las propiedades de ClassLoader que están expuestas, como las de JON 3. Información adicional puede ser encontrada en el artículo de la base de conocimiento de Red Hat: https://access.redhat.com/site/solutions/869353. Tenga en cuenta que mientras varios productos publicaron parches para el fallo original de CVE-2014-0114, la reversión descrita por este fallo de CVE-2019-3834 solo ocurrió en JON 3.

*Credits: N/A

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Attack Vector

Local

Attack Complexity

High

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2019-08-29 CVE Reserved
2019-10-03 CVE Published
2023-03-08 EPSS Updated
2024-08-05 CVE Updated
2024-08-05 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-203: Observable Discrepancy

CAPEC

References (6)

URL	Tag	Source
http://www.openwall.com/lists/oss-security/2019/10/02/2	Mailing List
https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/details?source=ECDSA&number=214	Third Party Advisory
https://eprint.iacr.org/2011/232.pdf	Technical Description
https://tches.iacr.org/index.php/TCHES/article/view/7337	Technical Description
https://www.ssi.gouv.fr/certification_cc/bibliotheque-cryptographique-atmel-toolbox-00-03-11-05	Product

URL	Date	SRC
https://minerva.crocs.fi.muni.cz	2024-08-05

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Microchip Search vendor "Microchip"		Atmel Toolbox Search vendor "Microchip" for product "Atmel Toolbox"				00.03.11.05 Search vendor "Microchip" for product "Atmel Toolbox" and version "00.03.11.05"		-		Affected
Athena-scs Search vendor "Athena-scs"		Idprotect Search vendor "Athena-scs" for product "Idprotect"				010b.0352.0005 Search vendor "Athena-scs" for product "Idprotect" and version "010b.0352.0005"		-		Affected
Athena-scs Search vendor "Athena-scs"		Idprotect Search vendor "Athena-scs" for product "Idprotect"				010e.1245.0002 Search vendor "Athena-scs" for product "Idprotect" and version "010e.1245.0002"		-		Affected
Athena-scs Search vendor "Athena-scs"		Idprotect Search vendor "Athena-scs" for product "Idprotect"				0106.0130.0401 Search vendor "Athena-scs" for product "Idprotect" and version "0106.0130.0401"		-		Affected
Cryptsoft Search vendor "Cryptsoft"		S\/a Idflex V Search vendor "Cryptsoft" for product "S\/a Idflex V"				010b.0352.0005 Search vendor "Cryptsoft" for product "S\/a Idflex V" and version "010b.0352.0005"		-		Affected
Tecsec Search vendor "Tecsec"		Armored Card Search vendor "Tecsec" for product "Armored Card"				010e.0264.0001 Search vendor "Tecsec" for product "Armored Card" and version "010e.0264.0001"		-		Affected
Tecsec Search vendor "Tecsec"		Armored Card Search vendor "Tecsec" for product "Armored Card"				108.0264.0001 Search vendor "Tecsec" for product "Armored Card" and version "108.0264.0001"		-		Affected
Thalesgroup Search vendor "Thalesgroup"		Etoken 4300 Search vendor "Thalesgroup" for product "Etoken 4300"				010e.1245.0002 Search vendor "Thalesgroup" for product "Etoken 4300" and version "010e.1245.0002"		-		Affected