Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Protectimus SLIM NFC 70 10.01 devices allow a Time Traveler attack in which attackers can predict TOTP passwords in certain situations. The time value used by the device can be set independently from the used seed value for generating time-based one-time passwords, without authentication. Thus, an attacker with short-time physical access to a device can set the internal real-time clock (RTC) to the future, generate one-time passwords, and reset the clock to the current time. This allows the generation of valid future time-based one-time passwords without having further access to the hardware token.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Protectimus SLIM NFC 授权问题漏洞
Vulnerability Description
SLiM(Simple Login Manager)是一款简单、轻量级和容易配置的登录管理器。 Protectimus SLIM NFC 70存在安全漏洞,该漏洞源于Protectimus SLIM NFC 70的10.01版本设备允许Time Traveler攻击。攻击者可利用该漏洞可以在某些情况下预测TOTP密码。这允许生成基于未来时间的有效的一次性密码,而无需进一步访问硬件令牌。
CVSS Information
N/A
Vulnerability Type
N/A