VDE-2025-005

Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2025-01-14 11:00 - Updated: 2025-05-14 13:00
Summary
Phoenix Contact: Security Advisory for ESL Stick USB-A
Severity
Medium
Notes
Summary: A vulnerability has been found in a cryptographic library of Infineon Technologies that is part of the firmware of the CmDongles. The exploitation of this vulnerability has been classified as complex: potential attackers need physical access and require special equipment to exploit the vulnerability. In general, this vulnerability affects only ECC keys used to calculate signatures with the ECDSA algorithm.
Impact: An attack would enable an attacker to create licenses that can be transferred into arbitrary CmDongles or CmActLicenses. A scaling hack is possible which can distribute licenses that cannot be distinguished from legitimate ones.
Mitigation: Following measures are recommended to reduce the risk until the fixed version can be installed. Please be aware that not all mitigations apply to every possible product configuration, so please check which of these could be relevant or applicable in your case: As physical access is needed to exploit the vulnerabilities, it is recommended to take strict measures to control the access to the CmDongles, especially to the FSBs (Firm Security Box). General security best practices can help to protect systems from local and network attacks.
Remediation: Update the firmware of the CmDongle to version 4.52. The FW for the CmDongle can be downloaded on the Wibu-Systems webpage.
Product description: CmDongle for saving licenses for various software products.
CVE-2024-45678
4.2 (Medium)
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-203 - Observable Discrepancy
Vendor Fix Phoenix Contact strongly recommends upgrading affected ESL STICK USB A s to firmware version 4.5.2 which fixes this vulnerability. https://www.wibu.com/support/faq/codemeter-hardwa…
References
Acknowledgments
CERTVDE
Wibu-Systems
Infineon
NinjaLabs
To clipboard 

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERTVDE",
        "summary": "Coordination"
      },
      {
        "organization": "Wibu-Systems",
        "summary": "Reporting"
      },
      {
        "organization": "Infineon",
        "summary": "Reporting"
      },
      {
        "organization": "NinjaLabs",
        "summary": "Reporting"
      }
    ],
    "aggregate_severity": {
      "namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
      "text": "medium"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "A vulnerability has been found in a cryptographic library of Infineon Technologies that is part of the firmware of the CmDongles. The exploitation of this vulnerability has been classified as complex: potential attackers need physical access and require special equipment to exploit the vulnerability. In general, this vulnerability affects only ECC keys used to calculate signatures with the ECDSA algorithm.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "An attack would enable an attacker to create licenses that can be transferred into arbitrary CmDongles or CmActLicenses. A scaling hack is possible which can distribute licenses that cannot be distinguished from legitimate ones. ",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Following measures are recommended to reduce the risk until the fixed version can be installed. Please be aware that not all mitigations apply to every possible product configuration, so please check which of these could be relevant or applicable in your case: As physical access is needed to exploit the vulnerabilities, it is recommended to take strict measures to control the access to the CmDongles, especially to the FSBs (Firm Security Box). General security best practices can help to protect systems from local and network attacks.",
        "title": "Mitigation"
      },
      {
        "category": "description",
        "text": "Update the firmware of the CmDongle to version 4.52. The FW for the CmDongle can be downloaded on the Wibu-Systems webpage.",
        "title": "Remediation"
      },
      {
        "category": "description",
        "text": "CmDongle for saving licenses for various software products.",
        "title": "Product description"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@phoenixcontact.com",
      "name": "Phoenix Contact GmbH \u0026 Co. KG",
      "namespace": "https://phoenixcontact.com/psirt"
    },
    "references": [
      {
        "category": "self",
        "summary": "VDE-2025-005: Phoenix Contact: Security Advisory for ESL Stick USB-A - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2025-005/"
      },
      {
        "category": "external",
        "summary": "Phoenix Contact advisory overview at CERT@VDE",
        "url": "https://certvde.com/de/advisories/vendor/phoenixcontact/"
      },
      {
        "category": "external",
        "summary": "PCSA-2024/00019",
        "url": "https://phoenixcontact.com/psirt"
      },
      {
        "category": "self",
        "summary": "VDE-2025-005: Phoenix Contact: Security Advisory for ESL Stick USB-A - CSAF",
        "url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2025-005.json"
      }
    ],
    "title": "Phoenix Contact: Security Advisory for ESL Stick USB-A",
    "tracking": {
      "aliases": [
        "VDE-2025-005",
        "PCSA-2024/00019"
      ],
      "current_release_date": "2025-05-14T13:00:14.000Z",
      "generator": {
        "date": "2025-01-14T11:39:21.639Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.16"
        }
      },
      "id": "VDE-2025-005",
      "initial_release_date": "2025-01-14T11:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-01-14T11:00:00.000Z",
          "number": "1",
          "summary": "Initial revision"
        },
        {
          "date": "2025-02-12T16:48:47.000Z",
          "number": "2",
          "summary": "Fix: corrected self-reference, fix version"
        },
        {
          "date": "2025-05-14T13:00:14.000Z",
          "number": "3",
          "summary": "Fix: added distribution"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "ESL STICK USB A",
                "product": {
                  "name": "ESL STICK USB A",
                  "product_id": "CSAFPID-11001",
                  "product_identification_helper": {
                    "model_numbers": [
                      "1080084"
                    ]
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Hardware"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c4.5.2",
                "product": {
                  "name": "Firmware \u003c4.5.2",
                  "product_id": "CSAFPID-21001"
                }
              },
              {
                "category": "product_version",
                "name": "4.5.2",
                "product": {
                  "name": "Firmware 4.5.2",
                  "product_id": "CSAFPID-22001"
                }
              }
            ],
            "category": "product_family",
            "name": "Firmware"
          }
        ],
        "category": "vendor",
        "name": "Phoenix Contact"
      }
    ],
    "relationships": [
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware \u003c4.5.2 installed on ESL STICK USB A",
          "product_id": "CSAFPID-31001"
        },
        "product_reference": "CSAFPID-21001",
        "relates_to_product_reference": "CSAFPID-11001"
      },
      {
        "category": "installed_on",
        "full_product_name": {
          "name": "Firmware 4.5.2 installed on ESL STICK USB A",
          "product_id": "CSAFPID-32001"
        },
        "product_reference": "CSAFPID-22001",
        "relates_to_product_reference": "CSAFPID-11001"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-45678",
      "cwe": {
        "id": "CWE-203",
        "name": "Observable Discrepancy"
      },
      "notes": [
        {
          "category": "summary",
          "text": "Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive equipment) in which an electromagnetic side channel is present because of a non-constant-time modular inversion for the Extended Euclidean Algorithm, aka the EUCLEAK issue. Other uses of an Infineon cryptographic library may also be affected.",
          "title": "Summary"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-32001"
        ],
        "known_affected": [
          "CSAFPID-31001"
        ]
      },
      "release_date": "2025-01-14T11:00:00.000Z",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-01-14T11:00:00.000Z",
          "details": "Phoenix Contact strongly recommends upgrading affected ESL STICK USB A s to firmware version 4.5.2 which fixes this vulnerability.",
          "product_ids": [
            "CSAFPID-22001",
            "CSAFPID-32001"
          ],
          "url": "https://www.wibu.com/support/faq/codemeter-hardware-general.html#faq-29694"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 4.2,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 4.2,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-31001"
          ]
        }
      ],
      "title": "CVE-2024-45678"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.