CVE-2019-18222 (GCVE-0-2019-18222)
Vulnerability from cvelistv5 – Published: 2020-01-23 00:00 – Updated: 2024-08-05 01:47- n/a
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:47:14.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://tls.mbed.org/tech-updates/security-advisories"
},
{
"tags": [
"x_transferred"
],
"url": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12"
},
{
"name": "FEDORA-2020-8d3ea0fe8d",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NGDACU65MYZXXVPQP2EBHUJGOR4RWLVY/"
},
{
"name": "FEDORA-2020-5bcfae9f46",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A3GWQNONS7GRORXZJ7MOJFUEJ2ZJ4OUW/"
},
{
"name": "[debian-lts-announce] 20221225 [SECURITY] [DLA 3249-1] mbedtls security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-26T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://tls.mbed.org/tech-updates/security-advisories"
},
{
"url": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12"
},
{
"name": "FEDORA-2020-8d3ea0fe8d",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NGDACU65MYZXXVPQP2EBHUJGOR4RWLVY/"
},
{
"name": "FEDORA-2020-5bcfae9f46",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A3GWQNONS7GRORXZJ7MOJFUEJ2ZJ4OUW/"
},
{
"name": "[debian-lts-announce] 20221225 [SECURITY] [DLA 3249-1] mbedtls security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18222",
"datePublished": "2020-01-23T00:00:00.000Z",
"dateReserved": "2019-10-21T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:47:14.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-18222",
"date": "2026-05-27",
"epss": "0.00109",
"percentile": "0.28794"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-18222\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-01-23T17:15:11.893\",\"lastModified\":\"2024-11-21T04:32:52.030\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.\"},{\"lang\":\"es\",\"value\":\"La implementaci\u00f3n de la firma ECDSA en el archivo ecdsa.c en Arm Mbed Crypto versi\u00f3n 2.1 y Mbed TLS versiones hasta 2.19.1, no reduce el escalar ciego antes de calcular el inverso, lo que permite a un atacante local recuperar la clave privada por medio de ataques de canal lateral.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":1.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.4,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"descri
ption\":[{\"lang\":\"en\",\"value\":\"CWE-203\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arm:mbed_crypto:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.0.0\",\"matchCriteriaId\":\"6EB99EE1-CF15-4B12-A7B7-962049FF7C40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.7.13\",\"matchCriteriaId\":\"9AFF019B-BEED-4005-B3F8-2495D1226C68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.8.0\",\"versionEndExcluding\":\"2.16.4\",\"matchCriteriaId\":\"416475AF-9BFC-4B4E-812E-0BCEC891960C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.17.0\",\"versionEndExcluding\":\"2.20.0\",\"matchCriteriaId\":\"537293B6-FD8D-4CE1-9D99-A4BE5B8F0D9F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A3GWQNONS7GRORXZJ7MOJFUEJ2ZJ4OUW/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party 
Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NGDACU65MYZXXVPQP2EBHUJGOR4RWLVY/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://tls.mbed.org/tech-updates/security-advisories\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A3GWQNONS7GRORXZJ7MOJFUEJ2ZJ4OUW/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NGDACU65MYZXXVPQP2EBHUJGOR4RWLVY/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://tls.mbed.org/tech-updates/security-advisories\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
FKIE_CVE-2019-18222
Vulnerability from fkie_nvd - Published: 2020-01-23 17:15 - Updated: 2024-11-21 04:32
| Vendor | Product | Version | |
|---|---|---|---|
| arm | mbed_crypto | * | |
| arm | mbed_tls | * | |
| arm | mbed_tls | * | |
| arm | mbed_tls | * | |
| fedoraproject | fedora | 30 | |
| fedoraproject | fedora | 31 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arm:mbed_crypto:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6EB99EE1-CF15-4B12-A7B7-962049FF7C40",
"versionEndExcluding": "3.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AFF019B-BEED-4005-B3F8-2495D1226C68",
"versionEndExcluding": "2.7.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*",
"matchCriteriaId": "416475AF-9BFC-4B4E-812E-0BCEC891960C",
"versionEndExcluding": "2.16.4",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*",
"matchCriteriaId": "537293B6-FD8D-4CE1-9D99-A4BE5B8F0D9F",
"versionEndExcluding": "2.20.0",
"versionStartIncluding": "2.17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de la firma ECDSA en el archivo ecdsa.c en Arm Mbed Crypto versi\u00f3n 2.1 y Mbed TLS versiones hasta 2.19.1, no reduce el escalar ciego antes de calcular el inverso, lo que permite a un atacante local recuperar la clave privada por medio de ataques de canal lateral."
}
],
"id": "CVE-2019-18222",
"lastModified": "2024-11-21T04:32:52.030",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-23T17:15:11.893",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A3GWQNONS7GRORXZJ7MOJFUEJ2ZJ4OUW/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NGDACU65MYZXXVPQP2EBHUJGOR4RWLVY/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://tls.mbed.org/tech-updates/security-advisories"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A3GWQNONS7GRORXZJ7MOJFUEJ2ZJ4OUW/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NGDACU65MYZXXVPQP2EBHUJGOR4RWLVY/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tls.mbed.org/tech-updates/security-advisories"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-FPGH-HVP5-CQC2
Vulnerability from github – Published: 2022-05-24 17:07 – Updated: 2022-12-26 03:30
The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.
{
"affected": [],
"aliases": [
"CVE-2019-18222"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-203"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-01-23T17:15:00Z",
"severity": "MODERATE"
},
"details": "The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.",
"id": "GHSA-fpgh-hvp5-cqc2",
"modified": "2022-12-26T03:30:21Z",
"published": "2022-05-24T17:07:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18222"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A3GWQNONS7GRORXZJ7MOJFUEJ2ZJ4OUW"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NGDACU65MYZXXVPQP2EBHUJGOR4RWLVY"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A3GWQNONS7GRORXZJ7MOJFUEJ2ZJ4OUW"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NGDACU65MYZXXVPQP2EBHUJGOR4RWLVY"
},
{
"type": "WEB",
"url": "https://tls.mbed.org/tech-updates/security-advisories"
},
{
"type": "WEB",
"url": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GSD-2019-18222
Vulnerability from gsd - Updated: 2023-12-13 01:23
{
"GSD": {
"alias": "CVE-2019-18222",
"description": "The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.",
"id": "GSD-2019-18222",
"references": [
"https://advisories.mageia.org/CVE-2019-18222.html",
"https://security.archlinux.org/CVE-2019-18222",
"https://www.suse.com/security/cve/CVE-2019-18222.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-18222"
],
"details": "The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.",
"id": "GSD-2019-18222",
"modified": "2023-12-13T01:23:50.108013Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18222",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "?",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tls.mbed.org/tech-updates/security-advisories",
"refsource": "MISC",
"url": "https://tls.mbed.org/tech-updates/security-advisories"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html",
"refsource": "MISC",
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html"
},
{
"name": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12",
"refsource": "MISC",
"url": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NGDACU65MYZXXVPQP2EBHUJGOR4RWLVY/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NGDACU65MYZXXVPQP2EBHUJGOR4RWLVY/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A3GWQNONS7GRORXZJ7MOJFUEJ2ZJ4OUW/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A3GWQNONS7GRORXZJ7MOJFUEJ2ZJ4OUW/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.20.0",
"versionStartIncluding": "2.17.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.16.4",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.7.13",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:arm:mbed_crypto:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18222"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12"
},
{
"name": "https://tls.mbed.org/tech-updates/security-advisories",
"refsource": "MISC",
"tags": [
"Vendor Advisory"
],
"url": "https://tls.mbed.org/tech-updates/security-advisories"
},
{
"name": "[debian-lts-announce] 20221225 [SECURITY] [DLA 3249-1] mbedtls security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A3GWQNONS7GRORXZJ7MOJFUEJ2ZJ4OUW/",
"refsource": "MISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A3GWQNONS7GRORXZJ7MOJFUEJ2ZJ4OUW/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NGDACU65MYZXXVPQP2EBHUJGOR4RWLVY/",
"refsource": "MISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NGDACU65MYZXXVPQP2EBHUJGOR4RWLVY/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-03-03T15:25Z",
"publishedDate": "2020-01-23T17:15Z"
}
}
}
MSRC_CVE-2019-18222
Vulnerability from csaf_microsoft - Published: 2020-01-02 00:00 - Updated: 2026-02-18 03:07
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17086-1 | — | ||
| Unresolved product id: 17084-2 | — | ||
| Unresolved product id: 17086-3 | — |
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2020/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2020/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2019-18222 The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2020/msrc_cve-2019-18222.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.",
"tracking": {
"current_release_date": "2026-02-18T03:07:47.000Z",
"generator": {
"date": "2026-02-18T08:53:30.157Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2019-18222",
"initial_release_date": "2020-01-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-09-03T22:25:51.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-02-18T03:07:47.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"category": "product_name",
"name": "cbl2 qemu 6.2.0-24",
"product": {
"name": "cbl2 qemu 6.2.0-24",
"product_id": "1"
}
},
{
"category": "product_name",
"name": "azl3 qemu 8.2.0-16",
"product": {
"name": "azl3 qemu 8.2.0-16",
"product_id": "2"
}
},
{
"category": "product_name",
"name": "cbl2 qemu 6.2.0-24",
"product": {
"name": "cbl2 qemu 6.2.0-24",
"product_id": "3"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 qemu 6.2.0-24 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 qemu 8.2.0-16 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 qemu 6.2.0-24 as a component of CBL Mariner 2.0",
"product_id": "17086-3"
},
"product_reference": "3",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-18222",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"flags": [
{
"label": "component_not_present",
"product_ids": [
"17084-2"
]
},
{
"label": "vulnerable_code_not_present",
"product_ids": [
"17086-1",
"17086-3"
]
}
],
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"known_not_affected": [
"17086-1",
"17084-2",
"17086-3"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2019-18222 The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks. - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2020/msrc_cve-2019-18222.json"
}
],
"title": "The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks."
}
]
}
VDE-2021-018
Vulnerability from csaf_pepperlfuchsse - Published: 2021-05-12 08:57 - Updated: 2021-05-12 08:57
A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21 that may lead to code injection through network or make devices crash without recovery.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hardware ICE1-16DI-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-16DI-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-16DIO-G60L-C1-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-16DIO-G60L-C1-V1D
|
<= F10017 | ||
|
Hardware ICE1-16DIO-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-16DIO-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8DI8DO-G60L-C1-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8DI8DO-G60L-C1-V1D
|
<= F10017 | ||
|
Hardware ICE1-8DI8DO-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8DI8DO-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8IOL-G30L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8IOL-G30L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8IOL-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8IOL-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8IOL-S2-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8IOL-S2-G60L-V1D
|
<= F10017 |
In Hilscher rcX RTOS versions prior to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hardware ICE1-16DI-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-16DI-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-16DIO-G60L-C1-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-16DIO-G60L-C1-V1D
|
<= F10017 | ||
|
Hardware ICE1-16DIO-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-16DIO-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8DI8DO-G60L-C1-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8DI8DO-G60L-C1-V1D
|
<= F10017 | ||
|
Hardware ICE1-8DI8DO-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8DI8DO-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8IOL-G30L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8IOL-G30L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8IOL-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8IOL-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8IOL-S2-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8IOL-S2-G60L-V1D
|
<= F10017 |
CVE-2021-20986: A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead to unexpected loss of cyclic communication or interruption of acyclic communication.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hardware ICE1-16DI-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-16DI-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-16DIO-G60L-C1-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-16DIO-G60L-C1-V1D
|
<= F10017 | ||
|
Hardware ICE1-16DIO-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-16DIO-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8DI8DO-G60L-C1-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8DI8DO-G60L-C1-V1D
|
<= F10017 | ||
|
Hardware ICE1-8DI8DO-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8DI8DO-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8IOL-G30L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8IOL-G30L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8IOL-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8IOL-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8IOL-S2-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8IOL-S2-G60L-V1D
|
<= F10017 |
CVE-2019-18222: The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Hardware ICE1-16DI-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-16DI-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-16DIO-G60L-C1-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-16DIO-G60L-C1-V1D
|
<= F10017 | ||
|
Hardware ICE1-16DIO-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-16DIO-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8DI8DO-G60L-C1-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8DI8DO-G60L-C1-V1D
|
<= F10017 | ||
|
Hardware ICE1-8DI8DO-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8DI8DO-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8IOL-G30L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8IOL-G30L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8IOL-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8IOL-G60L-V1D
|
<= F10017 | ||
|
Hardware ICE1-8IOL-S2-G60L-V1D <= F10017
Pepperl+Fuchs / Hardware / ICE1-8IOL-S2-G60L-V1D
|
<= F10017 |
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"organization": "Hilscher Gesellschaft f\u00fcr Systemautomation mbH",
"summary": "reporting."
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "High"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "Critical vulnerability has been discovered in the utilized components rcX, mbedTLS, PROFINET IO Device and EtherNet/IP Core by Hilscher Gesellschaft f\u00fcr Systemautomation mbH.\nThe impact of the vulnerabilities on the affected device is that it can result in:\n* Denial of Service (DoS)\n* Remote Code Execution (RCE)\n* Code Exposure\n\n**Note:**\nICE1-8IOL-S2-G60L-V1D (70103603) is not affected by CVE-2021-20986",
"title": "Summary"
},
{
"category": "description",
"text": "Pepperl+Fuchs analyzed and identified affected devices.\nRemote attackers may exploit the vulnerability sending specially crafted packages that may result in a denial-of-service condition or code execution.",
"title": "Impact"
},
{
"category": "description",
"text": "An external protective measure is required. Minimize network exposure for affected products and ensure that they are not accessible via the Internet.\nIsolate affected products from the corporate network. If remote access is required, use secure methods such as virtual private networks (VPNs).",
"title": "Mitigation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "cert@pepperl-fuchs.com",
"name": "Pepperl+Fuchs SE",
"namespace": "https://www.pepperl-fuchs.com"
},
"references": [
{
"category": "external",
"summary": "Pepperl+Fuchs advisory overview at CERT@VDE",
"url": "https://certvde.com/de/advisories/vendor/pepperl+fuchs/"
},
{
"category": "self",
"summary": "VDE-2021-018: Pepperl+Fuchs: Multiple vulnerabilites in ICE1 Ethernet IO Modules - HTML",
"url": "https://certvde.com/en/advisories/VDE-2021-018"
},
{
"category": "self",
"summary": "VDE-2021-018: Pepperl+Fuchs: Multiple vulnerabilites in ICE1 Ethernet IO Modules - CSAF",
"url": "https://pepperl-fuchs.csaf-tp.certvde.com/.well-known/csaf/white/2021/vde-2021-018.json"
}
],
"source_lang": "en",
"title": "Pepperl+Fuchs: Multiple vulnerabilites in ICE1 Ethernet IO Modules",
"tracking": {
"aliases": [
"VDE-2021-018"
],
"current_release_date": "2021-05-12T08:57:00.000Z",
"generator": {
"date": "2024-12-06T08:39:04.675Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.15"
}
},
"id": "VDE-2021-018",
"initial_release_date": "2021-05-12T08:57:00.000Z",
"revision_history": [
{
"date": "2021-05-12T08:57:00.000Z",
"number": "1",
"summary": "Initial revision."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= F10017",
"product": {
"name": "Hardware ICE1-16DI-G60L-V1D \u003c= F10017",
"product_id": "CSAFPID-11001"
}
}
],
"category": "product_name",
"name": "ICE1-16DI-G60L-V1D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= F10017",
"product": {
"name": "Hardware ICE1-16DIO-G60L-C1-V1D \u003c= F10017",
"product_id": "CSAFPID-11002"
}
}
],
"category": "product_name",
"name": "ICE1-16DIO-G60L-C1-V1D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= F10017",
"product": {
"name": "Hardware ICE1-16DIO-G60L-V1D \u003c= F10017",
"product_id": "CSAFPID-11003"
}
}
],
"category": "product_name",
"name": "ICE1-16DIO-G60L-V1D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= F10017",
"product": {
"name": "Hardware ICE1-8DI8DO-G60L-C1-V1D \u003c= F10017",
"product_id": "CSAFPID-11004"
}
}
],
"category": "product_name",
"name": "ICE1-8DI8DO-G60L-C1-V1D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= F10017",
"product": {
"name": "Hardware ICE1-8DI8DO-G60L-V1D \u003c= F10017",
"product_id": "CSAFPID-11005"
}
}
],
"category": "product_name",
"name": "ICE1-8DI8DO-G60L-V1D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= F10017",
"product": {
"name": "Hardware ICE1-8IOL-G30L-V1D \u003c= F10017",
"product_id": "CSAFPID-11006"
}
}
],
"category": "product_name",
"name": "ICE1-8IOL-G30L-V1D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= F10017",
"product": {
"name": "Hardware ICE1-8IOL-G60L-V1D \u003c= F10017",
"product_id": "CSAFPID-11007"
}
}
],
"category": "product_name",
"name": "ICE1-8IOL-G60L-V1D"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c= F10017",
"product": {
"name": "Hardware ICE1-8IOL-S2-G60L-V1D \u003c= F10017",
"product_id": "CSAFPID-11008"
}
}
],
"category": "product_name",
"name": "ICE1-8IOL-S2-G60L-V1D"
}
],
"category": "product_family",
"name": "Hardware"
}
],
"category": "vendor",
"name": "Pepperl+Fuchs"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008"
],
"summary": "Affected Products."
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-20987",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A denial of service and memory corruption vulnerability was found in Hilscher EtherNet/IP Core V2 prior to V2.13.0.21that may lead to code injection through network or make devices crash without recovery.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008"
]
},
"remediations": [
{
"category": "mitigation",
"details": "An external protective measure is required.\n\nMinimize network exposure for affected products and ensure that they are not accessible via the Internet.\nIsolate affected products from the corporate network.\nIf remote access is required, use secure methods such as virtual private networks (VPNs).",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 8.6,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 8.6,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008"
]
}
],
"title": "CVE-2021-20987"
},
{
"cve": "CVE-2021-20988",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "In Hilscher rcX RTOS versions prios to V2.1.14.1 the actual UDP packet length is not verified against the length indicated by the packet. This may lead to a denial of service of the affected device.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008"
]
},
"remediations": [
{
"category": "mitigation",
"details": "An external protective measure is required.\n\nMinimize network exposure for affected products and ensure that they are not accessible via the Internet.\nIsolate affected products from the corporate network.\nIf remote access is required, use secure methods such as virtual private networks (VPNs).",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008"
]
}
],
"title": "CVE-2021-20988"
},
{
"cve": "CVE-2021-20986",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This may lead to unexpected loss of cyclic communication or interruption of acyclic communication.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008"
]
},
"remediations": [
{
"category": "mitigation",
"details": "An external protective measure is required.\n\nMinimize network exposure for affected products and ensure that they are not accessible via the Internet.\nIsolate affected products from the corporate network.\nIf remote access is required, use secure methods such as virtual private networks (VPNs).",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008"
]
}
],
"title": "CVE-2021-20986"
},
{
"cve": "CVE-2019-18222",
"cwe": {
"id": "CWE-203",
"name": "Observable Discrepancy"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.",
"title": "Vulnerability Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008"
]
},
"remediations": [
{
"category": "mitigation",
"details": "An external protective measure is required.\n\nMinimize network exposure for affected products and ensure that they are not accessible via the Internet.\nIsolate affected products from the corporate network.\nIf remote access is required, use secure methods such as virtual private networks (VPNs).",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"environmentalScore": 4.7,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.7,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-11001",
"CSAFPID-11002",
"CSAFPID-11003",
"CSAFPID-11004",
"CSAFPID-11005",
"CSAFPID-11006",
"CSAFPID-11007",
"CSAFPID-11008"
]
}
],
"title": "CVE-2019-18222"
}
]
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.