CVE-2021-3011
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access (and consequently produce a clone). This was demonstrated on the Google Titan Security Key, based on an NXP A7005a chip. Other FIDO U2F security keys are also impacted (Yubico YubiKey Neo and Feitian K9, K13, K21, and K40) as well as several NXP JavaCard smartcards (J3A081, J2A081, J3A041, J3D145_M59, J2D145_M59, J3D120_M60, J3D082_M60, J2D120_M60, J2D082_M60, J3D081_M59, J2D081_M59, J3D081_M61, J2D081_M61, J3D081_M59_DF, J3D081_M61_DF, J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66, J3E016_M64, J3E041_M64, J3E145_M64, J3E120_M65, J3E082_M65, J2E145_M64, J2E120_M65, J2E082_M65, J3E081_M64_DF, J3E081_M66_DF, J3E041_M66_DF, J3E016_M66_DF, J3E041_M64_DF, and J3E016_M64_DF).
Se detectó un problema de canal lateral de ondas electromagnéticas en los microcontroladores de seguridad NXP SmartMX / P5x y en los microcontroladores de autenticación segura A7x, con CryptoLib versiones hasta v2.9. Permite a los atacantes extraer la clave privada ECDSA después de un acceso físico extenso (y en consecuencia producir un clon). Esto se demostró en la Google Titan Security Key, basada en un chip NXP A7005a. También están afectadas otras claves de seguridad FIDO U2F (Yubico YubiKey Neo y Feitian K9, K13, K21 y K40), así como varias tarjetas inteligentes NXP JavaCard (J3A081, J2A081, J3A041, J3D145_M59, J2D145_M59, J3D120D_M60, J3D120_M60, , J2D081_M59, J3D081_M61, J2D081_M61, J3D081_M59_DF, J3D081_M61_DF, J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66, J3E016_M64, J3E041_M64, J3E145_M64, J3E120_M65, J3E082_M65, J2E145_M64, J2E120_M65, J2E082_M65, J3E081_M64_DF, J3E081_M66_DF, J3E041_M66_DF, J3E016_M66_DF, J3E041_M64_DF, y J3E016_M64_DF)
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-01-04 CVE Reserved
- 2021-01-07 CVE Published
- 2024-08-03 CVE Updated
- 2024-08-03 First Exploit
- 2024-08-04 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-670: Always-Incorrect Control Flow Implementation
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| https://ninjalab.io/a-side-journey-to-titan | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf | 2024-08-03 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ftsafe Search vendor "Ftsafe" | K13 Search vendor "Ftsafe" for product "K13" | - | - |
Affected
| ||||||
| Ftsafe Search vendor "Ftsafe" | K21 Search vendor "Ftsafe" for product "K21" | - | - |
Affected
| ||||||
| Ftsafe Search vendor "Ftsafe" | K40 Search vendor "Ftsafe" for product "K40" | - | - |
Affected
| ||||||
| Ftsafe Search vendor "Ftsafe" | K9 Search vendor "Ftsafe" for product "K9" | - | - |
Affected
| ||||||
| Google Search vendor "Google" | Titan Security Key Search vendor "Google" for product "Titan Security Key" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | 3a081 Search vendor "Nxp" for product "3a081" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | A7005a Search vendor "Nxp" for product "A7005a" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J2a081 Search vendor "Nxp" for product "J2a081" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J2d081 M59 Search vendor "Nxp" for product "J2d081 M59" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J2d081 M61 Search vendor "Nxp" for product "J2d081 M61" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J2d082 M60 Search vendor "Nxp" for product "J2d082 M60" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J2d120 M60 Search vendor "Nxp" for product "J2d120 M60" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J2d145 M59 Search vendor "Nxp" for product "J2d145 M59" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J2e081 M64 Search vendor "Nxp" for product "J2e081 M64" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J2e082 M65 Search vendor "Nxp" for product "J2e082 M65" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J2e120 M65 Search vendor "Nxp" for product "J2e120 M65" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J2e145 M64 Search vendor "Nxp" for product "J2e145 M64" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3a041 Search vendor "Nxp" for product "J3a041" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3d081 M59 Search vendor "Nxp" for product "J3d081 M59" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3d081 M59 Df Search vendor "Nxp" for product "J3d081 M59 Df" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3d081 M61 Search vendor "Nxp" for product "J3d081 M61" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3d081 M61 Df Search vendor "Nxp" for product "J3d081 M61 Df" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3d082 M60 Search vendor "Nxp" for product "J3d082 M60" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3d120 M60 Search vendor "Nxp" for product "J3d120 M60" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3d145 M59 Search vendor "Nxp" for product "J3d145 M59" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e016 M64 Search vendor "Nxp" for product "J3e016 M64" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e016 M64 Df Search vendor "Nxp" for product "J3e016 M64 Df" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e016 M66 Search vendor "Nxp" for product "J3e016 M66" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e016 M66 Df Search vendor "Nxp" for product "J3e016 M66 Df" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e041 M64 Search vendor "Nxp" for product "J3e041 M64" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e041 M64 Df Search vendor "Nxp" for product "J3e041 M64 Df" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e041 M66 Search vendor "Nxp" for product "J3e041 M66" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e041 M66 Df Search vendor "Nxp" for product "J3e041 M66 Df" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e081 M64 Search vendor "Nxp" for product "J3e081 M64" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e081 M64 Df Search vendor "Nxp" for product "J3e081 M64 Df" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e081 M66 Search vendor "Nxp" for product "J3e081 M66" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e081 M66 Df Search vendor "Nxp" for product "J3e081 M66 Df" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e082 M65 Search vendor "Nxp" for product "J3e082 M65" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e120 M65 Search vendor "Nxp" for product "J3e120 M65" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | J3e145 M64 Search vendor "Nxp" for product "J3e145 M64" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | P5010 Search vendor "Nxp" for product "P5010" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | P5020 Search vendor "Nxp" for product "P5020" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | P5021 Search vendor "Nxp" for product "P5021" | - | - |
Affected
| ||||||
| Nxp Search vendor "Nxp" | P5040 Search vendor "Nxp" for product "P5040" | - | - |
Affected
| ||||||
| Yubico Search vendor "Yubico" | Yubikey Neo Search vendor "Yubico" for product "Yubikey Neo" | - | - |
Affected
| ||||||