Vulnerability Details CVE-2019-16128
Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 1 of 2).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.7%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 4.6
References
- http://www.openwall.com/lists/oss-security/2020/10/22/1
- https://census-labs.com/news/2020/10/21/microchip-cryptoauthlib-atcab_sign_base-buffer-overflow/
- https://www.microchip.com/design-centers/security-ics/cryptoauthentication
- http://www.openwall.com/lists/oss-security/2020/10/22/1
- https://census-labs.com/news/2020/10/21/microchip-cryptoauthlib-atcab_sign_base-buffer-overflow/
- https://www.microchip.com/design-centers/security-ics/cryptoauthentication
Products affected by CVE-2019-16128
-
cpe:2.3:a:microchip:cryptoauthlib:-
-
cpe:2.3:a:microchip:cryptoauthlib:20160108
-
cpe:2.3:a:microchip:cryptoauthlib:20170701
-
cpe:2.3:a:microchip:cryptoauthlib:20171117
-
cpe:2.3:a:microchip:cryptoauthlib:20180115
-
cpe:2.3:a:microchip:cryptoauthlib:20180329
-
cpe:2.3:a:microchip:cryptoauthlib:20180718
-
cpe:2.3:a:microchip:cryptoauthlib:20180725
-
cpe:2.3:a:microchip:cryptoauthlib:20180817
-
cpe:2.3:a:microchip:cryptoauthlib:20181025
-
cpe:2.3:a:microchip:cryptoauthlib:20181026
-
cpe:2.3:a:microchip:cryptoauthlib:20190104
-
cpe:2.3:a:microchip:cryptoauthlib:20190125
-
cpe:2.3:a:microchip:cryptoauthlib:20190304
-
cpe:2.3:a:microchip:cryptoauthlib:20190517
-
cpe:2.3:a:microchip:cryptoauthlib:20190830
-
cpe:2.3:a:microchip:cryptoauthlib:20190831
-
cpe:2.3:a:microchip:cryptoauthlib:20190903