CVE-2024-45678
- EPSS 0.03%
- Published 03.09.2024 20:15:08
- Last modified 17.03.2025 18:15:18
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive equipment) in which an electromagnetic side channel i...
CVE-2020-15001
- EPSS 0.08%
- Published 09.07.2020 19:15:11
- Last modified 21.11.2024 05:04:36
An information leak was discovered on Yubico YubiKey 5 NFC devices 5.0.0 to 5.2.6 and 5.3.0 to 5.3.1. The OTP application allows a user to set optional access codes on OTP slots. This access code is intended to prevent unauthorized changes to OTP con...
CVE-2020-15000
- EPSS 0.23%
- Published 09.07.2020 18:15:10
- Last modified 21.11.2024 05:04:35
A PIN management problem was discovered on Yubico YubiKey 5 devices 5.2.0 to 5.2.6. OpenPGP has three passwords: Admin PIN, Reset Code, and User PIN. The Reset Code is used to reset the User PIN, but it is disabled by default. A flaw in the implement...