Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Das U-Boot's AES-CBC encryption feature uses a zero (0) initialization vector that may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data
Vulnerability Description
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data. Das U-Boot's AES-CBC encryption feature uses a zero (0) initialization vector. This allows an attacker to perform dictionary attacks on encrypted data produced by Das U-Boot to learn information about the encrypted data.
CVSS Information
N/A
Vulnerability Type
在CBC加密模式中未使用随机化IV向量
Vulnerability Title
DENX Software Engineering Das U-Boot 加密问题漏洞
Vulnerability Description
DENX Software Engineering Das U-Boot是德国DENX Software Engineering公司的一套可以从AES加密文件读取设备配置的引导加载程序。 DENX Software Engineering Das U-Boot中存在加密问题漏洞。本地攻击者可利用该漏洞解密数据。
CVSS Information
N/A
Vulnerability Type
N/A