CVE-2026-6923

EPSS 0.12%
Veröffentlicht 14.05.2026 16:14:33
Zuletzt bearbeitet 14.05.2026 18:24:08
Quelle cna@cyber.gov.il
CVE-Watchlists
Login
Unerledigt
Login

Nuvoton - CWE-1300: Improper Protection of Physical Side Channels

A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman (ECDH) key.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

CNA 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerNuvoton

≫

Produkt NPCT7xx

Default Statusunaffected

Version all versions below 7.2.4.0

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.12%	0.02

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
cna@cyber.gov.il	3.8	0.2	3.6	CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

CWE-1300 Improper Protection of Physical Side Channels

The device does not contain sufficient protection mechanisms to prevent physical side channels from exposing sensitive information due to patterns in physically observable phenomena such as variations in power consumption, electromagnetic emissions (EME), or acoustic emissions.

https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0

https://nvd.nist.gov/vuln/detail/CVE-2026-6923

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-6923

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-6923

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-6923