Vulnerability Details CVE-2022-48251
The AES instructions on the ARMv8 platform do not have an algorithm that is "intrinsically resistant" to side-channel attacks. NOTE: the vendor reportedly offers the position "while power side channel attacks ... are possible, they are not directly caused by or related to the Arm architecture."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.5%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2022-48251
-
cpe:2.3:h:arm:cortex-a53:-
-
cpe:2.3:h:arm:cortex-a55:-
-
cpe:2.3:h:arm:cortex-a57:-
-
cpe:2.3:h:arm:cortex-a72:-
-
cpe:2.3:h:arm:cortex-a73:-
-
cpe:2.3:h:arm:cortex-a75:-
-
cpe:2.3:h:arm:cortex-a76:-
-
cpe:2.3:h:arm:cortex-a76ae:-
-
cpe:2.3:h:arm:cortex-a77:-
-
cpe:2.3:h:arm:cortex-a78:-
-
cpe:2.3:o:arm:cortex-a53_firmware:-
-
cpe:2.3:o:arm:cortex-a55_firmware:-
-
cpe:2.3:o:arm:cortex-a57_firmware:-
-
cpe:2.3:o:arm:cortex-a72_firmware:-
-
cpe:2.3:o:arm:cortex-a73_firmware:-
-
cpe:2.3:o:arm:cortex-a75_firmware:-
-
cpe:2.3:o:arm:cortex-a76_firmware:-
-
cpe:2.3:o:arm:cortex-a76ae_firmware:-
-
cpe:2.3:o:arm:cortex-a77_firmware:-
-
cpe:2.3:o:arm:cortex-a78_firmware:-