漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive equipment) in which an electromagnetic side channel is present because of a non-constant-time modular inversion for the Extended Euclidean Algorithm, aka the EUCLEAK issue. Other uses of an Infineon cryptographic library may also be affected.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Yubico YubiKey 5 安全漏洞
Vulnerability Description
Yubico YubiKey 5是Yubico公司的一款多协议安全秘钥设备。 Yubico YubiKey 5 5.7.0之前版本和YubiHSM 2 2.4.0之前版本存在安全漏洞,该漏洞源于扩展欧几里得算法中的非恒定时间模逆运算导致的电磁侧信道,可能允许具有物理访问权限并使用专业设备的攻击者进行ECDSA秘密密钥提取攻击。
CVSS Information
N/A
Vulnerability Type
N/A