CVE-2020-12402
CVSS v3.1
4.4 (Medium)
CVSS v2.0
1.2 (Low)
EPSS
0.07 % (30th)
Affected Products
4
Advisories
24
During RSA key generation, bignum implementations used a variation of the Binary Extended Euclidean Algorithm which entailed significantly input-dependent flow. This allowed an attacker able to perform electromagnetic-based side channel attacks to record traces leading to the recovery of the secret primes. Note: An unmodified Firefox browser does not generate RSA keys in normal operation and is not affected, but products built on top of it might. This vulnerability affects Firefox < 78.
Weaknesses
- CWE-203
- Observable Discrepancy
- CVE Status
- PUBLISHED
- CNA
- Mozilla Corporation
- Published Date
-
2020-07-09 15:15:10
(4 years ago) - Updated Date
-
2023-11-07 03:15:24
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Configuration #3
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...