MidnightBSD

Advisories for ftsafe

CVE-2018-16160 MEDIUM

SecureCore Standard Edition Version 2.x allows an attacker to bypass the product 's authentication to log in to a Windows PC.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
ftsafe securecore *
CVE-2021-3011 LOW

An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access (and consequently produce a clone). This was demonstrated on the Google Titan Security Key, based on an NXP A7005a chip. Other FIDO U2F security keys are also impacted (Yubico YubiKey Neo and Feitian K9, K13, K21, and K40) as well as several NXP JavaCard smartcards (J3A081, J2A081, J3A041, J3D145_M59, J2D145_M59, J3D120_M60, J3D082_M60, J2D120_M60, J2D082_M60, J3D081_M59, J2D081_M59, J3D081_M61, J2D081_M61, J3D081_M59_DF, J3D081_M61_DF, J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66, J3E016_M64, J3E041_M64, J3E145_M64, J3E120_M65, J3E082_M65, J2E145_M64, J2E120_M65, J2E082_M65, J3E081_M64_DF, J3E081_M66_DF, J3E041_M66_DF, J3E016_M66_DF, J3E041_M64_DF, and J3E016_M64_DF).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.2 MEDIUM CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 0.5 3.6

CVSS 2.0

Severity: LOW

Problem Type: CWE-670,

Products Affected

Vendor Product Version
nxp j3e016_m64 -
nxp j3a041 -
nxp j3e016_m66_df -
nxp j3d081_m61_df -
nxp j3e041_m64 -
nxp a7005a -
nxp j3d120_m60 -
nxp j2e120_m65 -
nxp p5040 -
nxp j3e082_m65 -
nxp j3e081_m64_df -
nxp j2d081_m61 -
nxp j3e041_m64_df -
nxp j2d081_m59 -
nxp 3a081 -
yubico yubikey_neo -
nxp j3e081_m64 -
nxp j3d081_m59_df -
nxp j2d145_m59 -
ftsafe k9 -
nxp j2e145_m64 -
nxp j3e120_m65 -
nxp p5020 -
nxp j2e082_m65 -
nxp j2d120_m60 -
nxp j3d082_m60 -
nxp j3e041_m66_df -
google titan_security_key -
nxp j3d145_m59 -
nxp j3e016_m66 -
nxp j3e041_m66 -
ftsafe k21 -
nxp j3e016_m64_df -
nxp j3e081_m66 -
nxp j2e081_m64 -
nxp p5010 -
nxp j3e145_m64 -
ftsafe k40 -
nxp j3e081_m66_df -
nxp p5021 -
nxp j2a081 -
nxp j3d081_m59 -
nxp j2d082_m60 -
nxp j3d081_m61 -
ftsafe k13 -