7.5
CVE-2022-48251
- EPSS 0.14%
- Veröffentlicht 10.01.2023 07:15:09
- Zuletzt bearbeitet 21.11.2024 07:33:02
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
The AES instructions on the ARMv8 platform do not have an algorithm that is "intrinsically resistant" to side-channel attacks. NOTE: the vendor reportedly offers the position "while power side channel attacks ... are possible, they are not directly caused by or related to the Arm architecture."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Arm ≫ Cortex-a53 Firmware Version-
Arm ≫ Cortex-a55 Firmware Version-
Arm ≫ Cortex-a57 Firmware Version-
Arm ≫ Cortex-a72 Firmware Version-
Arm ≫ Cortex-a73 Firmware Version-
Arm ≫ Cortex-a75 Firmware Version-
Arm ≫ Cortex-a76 Firmware Version-
Arm ≫ Cortex-a76ae Firmware Version-
Arm ≫ Cortex-a77 Firmware Version-
Arm ≫ Cortex-a78 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.353 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-203 Observable Discrepancy
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.