Vulnerability Details CVE-2021-33881
On NXP MIFARE Ultralight and NTAG cards, an attacker can interrupt a write operation (aka conduct a "tear off" attack) over RFID to bypass a Monotonic Counter protection mechanism. The impact depends on how the anti tear-off feature is used in specific applications such as public transportation, physical access control, etc.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.0%
CVSS Severity
CVSS v3 Score 4.2
CVSS v2 Score 1.9
References
- https://blog.quarkslab.com/rfid-monotonic-counter-anti-tearing-defeated.html
- https://www.nxp.com/docs/en/application-note/AN11340.pdf
- https://www.nxp.com/docs/en/application-note/AN13089.pdf
- https://www.sstic.org/2021/presentation/eeprom_it_will_all_end_in_tears/
- https://blog.quarkslab.com/rfid-monotonic-counter-anti-tearing-defeated.html
- https://www.nxp.com/docs/en/application-note/AN11340.pdf
- https://www.nxp.com/docs/en/application-note/AN13089.pdf
- https://www.sstic.org/2021/presentation/eeprom_it_will_all_end_in_tears/
Products affected by CVE-2021-33881
-
cpe:2.3:h:nxp:mifare_ultralight_c:-
-
cpe:2.3:h:nxp:mifare_ultralight_ev1:-
-
cpe:2.3:h:nxp:mifare_ultralight_nano:-
-
cpe:2.3:h:nxp:ntag_210:-
-
cpe:2.3:h:nxp:ntag_212:-
-
cpe:2.3:h:nxp:ntag_213:-
-
cpe:2.3:h:nxp:ntag_215:-
-
cpe:2.3:h:nxp:ntag_216:-
-
cpe:2.3:o:nxp:mifare_ultralight_c_firmware:-
-
cpe:2.3:o:nxp:mifare_ultralight_ev1_firmware:-
-
cpe:2.3:o:nxp:mifare_ultralight_nano_firmware:-
-
cpe:2.3:o:nxp:ntag_210_firmware:-
-
cpe:2.3:o:nxp:ntag_212_firmware:-
-
cpe:2.3:o:nxp:ntag_213_firmware:-
-
cpe:2.3:o:nxp:ntag_215_firmware:-
-
cpe:2.3:o:nxp:ntag_216_firmware:-