CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-3011

An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access (and consequently produce a clone). This was demonstrated on the Google Titan Security Key, based on an NXP A7005a chip. Other FIDO U2F security keys are also impacted (Yubico YubiKey Neo and Feitian K9, K13, K21, and K40) as well as several NXP JavaCard smartcards (J3A081, J2A081, J3A041, J3D145_M59, J2D145_M59, J3D120_M60, J3D082_M60, J2D120_M60, J2D082_M60, J3D081_M59, J2D081_M59, J3D081_M61, J2D081_M61, J3D081_M59_DF, J3D081_M61_DF, J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66, J3E016_M64, J3E041_M64, J3E145_M64, J3E120_M65, J3E082_M65, J2E145_M64, J2E120_M65, J2E082_M65, J3E081_M64_DF, J3E081_M66_DF, J3E041_M66_DF, J3E016_M66_DF, J3E041_M64_DF, and J3E016_M64_DF).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.7%

CVSS Severity

CVSS v3 Score 4.2

CVSS v2 Score 1.9

References

Products affected by CVE-2021-3011

Ftsafe » K13 » Version: N/A

cpe:2.3:h:ftsafe:k13:-
Ftsafe » K21 » Version: N/A

cpe:2.3:h:ftsafe:k21:-
Ftsafe » K40 » Version: N/A

cpe:2.3:h:ftsafe:k40:-
Ftsafe » K9 » Version: N/A

cpe:2.3:h:ftsafe:k9:-
Google » Titan Security Key » Version: N/A

cpe:2.3:h:google:titan_security_key:-
Nxp » 3a081 » Version: N/A

cpe:2.3:h:nxp:3a081:-
Nxp » A7005a » Version: N/A

cpe:2.3:h:nxp:a7005a:-
Nxp » J2a081 » Version: N/A

cpe:2.3:h:nxp:j2a081:-
Nxp » J2d081 M59 » Version: N/A

cpe:2.3:h:nxp:j2d081_m59:-
Nxp » J2d081 M61 » Version: N/A

cpe:2.3:h:nxp:j2d081_m61:-
Nxp » J2d082 M60 » Version: N/A

cpe:2.3:h:nxp:j2d082_m60:-
Nxp » J2d120 M60 » Version: N/A

cpe:2.3:h:nxp:j2d120_m60:-
Nxp » J2d145 M59 » Version: N/A

cpe:2.3:h:nxp:j2d145_m59:-
Nxp » J2e081 M64 » Version: N/A

cpe:2.3:h:nxp:j2e081_m64:-
Nxp » J2e082 M65 » Version: N/A

cpe:2.3:h:nxp:j2e082_m65:-
Nxp » J2e120 M65 » Version: N/A

cpe:2.3:h:nxp:j2e120_m65:-
Nxp » J2e145 M64 » Version: N/A

cpe:2.3:h:nxp:j2e145_m64:-
Nxp » J3a041 » Version: N/A

cpe:2.3:h:nxp:j3a041:-
Nxp » J3d081 M59 » Version: N/A

cpe:2.3:h:nxp:j3d081_m59:-
Nxp » J3d081 M59 Df » Version: N/A

cpe:2.3:h:nxp:j3d081_m59_df:-
Nxp » J3d081 M61 » Version: N/A

cpe:2.3:h:nxp:j3d081_m61:-
Nxp » J3d081 M61 Df » Version: N/A

cpe:2.3:h:nxp:j3d081_m61_df:-
Nxp » J3d082 M60 » Version: N/A

cpe:2.3:h:nxp:j3d082_m60:-
Nxp » J3d120 M60 » Version: N/A

cpe:2.3:h:nxp:j3d120_m60:-
Nxp » J3d145 M59 » Version: N/A

cpe:2.3:h:nxp:j3d145_m59:-
Nxp » J3e016 M64 » Version: N/A

cpe:2.3:h:nxp:j3e016_m64:-
Nxp » J3e016 M64 Df » Version: N/A

cpe:2.3:h:nxp:j3e016_m64_df:-
Nxp » J3e016 M66 » Version: N/A

cpe:2.3:h:nxp:j3e016_m66:-
Nxp » J3e016 M66 Df » Version: N/A

cpe:2.3:h:nxp:j3e016_m66_df:-
Nxp » J3e041 M64 » Version: N/A

cpe:2.3:h:nxp:j3e041_m64:-
Nxp » J3e041 M64 Df » Version: N/A

cpe:2.3:h:nxp:j3e041_m64_df:-
Nxp » J3e041 M66 » Version: N/A

cpe:2.3:h:nxp:j3e041_m66:-
Nxp » J3e041 M66 Df » Version: N/A

cpe:2.3:h:nxp:j3e041_m66_df:-
Nxp » J3e081 M64 » Version: N/A

cpe:2.3:h:nxp:j3e081_m64:-
Nxp » J3e081 M64 Df » Version: N/A

cpe:2.3:h:nxp:j3e081_m64_df:-
Nxp » J3e081 M66 » Version: N/A

cpe:2.3:h:nxp:j3e081_m66:-
Nxp » J3e081 M66 Df » Version: N/A

cpe:2.3:h:nxp:j3e081_m66_df:-
Nxp » J3e082 M65 » Version: N/A

cpe:2.3:h:nxp:j3e082_m65:-
Nxp » J3e120 M65 » Version: N/A

cpe:2.3:h:nxp:j3e120_m65:-
Nxp » J3e145 M64 » Version: N/A

cpe:2.3:h:nxp:j3e145_m64:-
Nxp » P5010 » Version: N/A

cpe:2.3:h:nxp:p5010:-
Nxp » P5020 » Version: N/A

cpe:2.3:h:nxp:p5020:-
Nxp » P5021 » Version: N/A

cpe:2.3:h:nxp:p5021:-
Nxp » P5040 » Version: N/A

cpe:2.3:h:nxp:p5040:-
Yubico » Yubikey Neo » Version: N/A

cpe:2.3:h:yubico:yubikey_neo:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-3011

Products

Pricing

Contact Us