Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V05.30). The affected devices contain a secure element which is connected via an unencrypted SPI bus. This could allow an attacker with physical access to the SPI bus to observe the password used for the secure element authentication, and then use the secure element as an oracle to decrypt all encrypted update files.
CVSS Information
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Vulnerability Type
不充分的凭证保护机制
Vulnerability Title
Siemens CPCI85 Central Processing 安全漏洞
Vulnerability Description
Siemens CPCI85 Central Processing是德国西门子(Siemens)公司的一个计算机处理器。 Siemens CPCI85 Central Processing存在安全漏洞,该漏洞源于受影响的设备包含一个通过未加密的SPI总线连接的安全元件。攻击者利用该漏洞可以对SPI总线具有物理访问权限的攻击者观察用于安全元件身份验证的密码,然后使用安全元件作为预言机来解密所有加密的更新文件。
CVSS Information
N/A
Vulnerability Type
N/A