Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
STMicroelectronics STSAFE-J 1.1.4, J-SAFE3 1.2.5, and J-SIGN sometimes allow attackers to abuse signature verification. This is associated with the ECDSA signature algorithm on the Java Card J-SAFE3 and STSAFE-J platforms exposing a 3.0.4 Java Card API. It is exploitable for STSAFE-J in closed configuration and J-SIGN (when signature verification is activated) but not for J-SAFE3 EPASS BAC and EAC products. It might also impact other products based on the J-SAFE-3 Java Card platform.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
STMicroelectronics STSAFE-J 数据伪造问题漏洞
Vulnerability Description
STMicroelectronics STSAFE-J是瑞士STMicroelectronics公司的一个高度安全的解决方案。通过向本地或远程主机提供身份验证、数据管理和加密服务来充当安全元素。 STMicroelectronics STSAFE-J 存在安全漏洞,该漏洞允许攻击者获取有关密码秘密的信息并在某些情况下滥用签名验证。这些漏洞可用于封闭配置中的 STSAFE-J 版本 1.1.4 和 J-SIGN(激活签名验证时),但不适用于 J-SAFE3 EPASS BAC 和 EAC 产品。以下产品和版
CVSS Information
N/A
Vulnerability Type
N/A