CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-23170

An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.5%

CVSS Severity

CVSS v3 Score 5.5

References

Products affected by CVE-2024-23170

Arm » Mbed Tls » Version: 2.0.0

cpe:2.3:a:arm:mbed_tls:2.0.0
Arm » Mbed Tls » Version: 2.1.0

cpe:2.3:a:arm:mbed_tls:2.1.0
Arm » Mbed Tls » Version: 2.1.1

cpe:2.3:a:arm:mbed_tls:2.1.1
Arm » Mbed Tls » Version: 2.1.10

cpe:2.3:a:arm:mbed_tls:2.1.10
Arm » Mbed Tls » Version: 2.1.11

cpe:2.3:a:arm:mbed_tls:2.1.11
Arm » Mbed Tls » Version: 2.1.12

cpe:2.3:a:arm:mbed_tls:2.1.12
Arm » Mbed Tls » Version: 2.1.13

cpe:2.3:a:arm:mbed_tls:2.1.13
Arm » Mbed Tls » Version: 2.1.14

cpe:2.3:a:arm:mbed_tls:2.1.14
Arm » Mbed Tls » Version: 2.1.15

cpe:2.3:a:arm:mbed_tls:2.1.15
Arm » Mbed Tls » Version: 2.1.16

cpe:2.3:a:arm:mbed_tls:2.1.16
Arm » Mbed Tls » Version: 2.1.17

cpe:2.3:a:arm:mbed_tls:2.1.17
Arm » Mbed Tls » Version: 2.1.18

cpe:2.3:a:arm:mbed_tls:2.1.18
Arm » Mbed Tls » Version: 2.1.2

cpe:2.3:a:arm:mbed_tls:2.1.2
Arm » Mbed Tls » Version: 2.1.3

cpe:2.3:a:arm:mbed_tls:2.1.3
Arm » Mbed Tls » Version: 2.1.4

cpe:2.3:a:arm:mbed_tls:2.1.4
Arm » Mbed Tls » Version: 2.1.5

cpe:2.3:a:arm:mbed_tls:2.1.5
Arm » Mbed Tls » Version: 2.1.6

cpe:2.3:a:arm:mbed_tls:2.1.6
Arm » Mbed Tls » Version: 2.1.7

cpe:2.3:a:arm:mbed_tls:2.1.7
Arm » Mbed Tls » Version: 2.1.8

cpe:2.3:a:arm:mbed_tls:2.1.8
Arm » Mbed Tls » Version: 2.1.9

cpe:2.3:a:arm:mbed_tls:2.1.9
Arm » Mbed Tls » Version: 2.10.0

cpe:2.3:a:arm:mbed_tls:2.10.0
Arm » Mbed Tls » Version: 2.11.0

cpe:2.3:a:arm:mbed_tls:2.11.0
Arm » Mbed Tls » Version: 2.12.0

cpe:2.3:a:arm:mbed_tls:2.12.0
Arm » Mbed Tls » Version: 2.13.0

cpe:2.3:a:arm:mbed_tls:2.13.0
Arm » Mbed Tls » Version: 2.13.1

cpe:2.3:a:arm:mbed_tls:2.13.1
Arm » Mbed Tls » Version: 2.14.0

cpe:2.3:a:arm:mbed_tls:2.14.0
Arm » Mbed Tls » Version: 2.14.1

cpe:2.3:a:arm:mbed_tls:2.14.1
Arm » Mbed Tls » Version: 2.15.0

cpe:2.3:a:arm:mbed_tls:2.15.0
Arm » Mbed Tls » Version: 2.15.1

cpe:2.3:a:arm:mbed_tls:2.15.1
Arm » Mbed Tls » Version: 2.16.0

cpe:2.3:a:arm:mbed_tls:2.16.0
Arm » Mbed Tls » Version: 2.16.1

cpe:2.3:a:arm:mbed_tls:2.16.1
Arm » Mbed Tls » Version: 2.16.10

cpe:2.3:a:arm:mbed_tls:2.16.10
Arm » Mbed Tls » Version: 2.16.11

cpe:2.3:a:arm:mbed_tls:2.16.11
Arm » Mbed Tls » Version: 2.16.12

cpe:2.3:a:arm:mbed_tls:2.16.12
Arm » Mbed Tls » Version: 2.16.2

cpe:2.3:a:arm:mbed_tls:2.16.2
Arm » Mbed Tls » Version: 2.16.3

cpe:2.3:a:arm:mbed_tls:2.16.3
Arm » Mbed Tls » Version: 2.16.4

cpe:2.3:a:arm:mbed_tls:2.16.4
Arm » Mbed Tls » Version: 2.16.5

cpe:2.3:a:arm:mbed_tls:2.16.5
Arm » Mbed Tls » Version: 2.16.6

cpe:2.3:a:arm:mbed_tls:2.16.6
Arm » Mbed Tls » Version: 2.16.7

cpe:2.3:a:arm:mbed_tls:2.16.7
Arm » Mbed Tls » Version: 2.16.8

cpe:2.3:a:arm:mbed_tls:2.16.8
Arm » Mbed Tls » Version: 2.16.9

cpe:2.3:a:arm:mbed_tls:2.16.9
Arm » Mbed Tls » Version: 2.17.0

cpe:2.3:a:arm:mbed_tls:2.17.0
Arm » Mbed Tls » Version: 2.18.0

cpe:2.3:a:arm:mbed_tls:2.18.0
Arm » Mbed Tls » Version: 2.18.1

cpe:2.3:a:arm:mbed_tls:2.18.1
Arm » Mbed Tls » Version: 2.19.0

cpe:2.3:a:arm:mbed_tls:2.19.0
Arm » Mbed Tls » Version: 2.19.1

cpe:2.3:a:arm:mbed_tls:2.19.1
Arm » Mbed Tls » Version: 2.2.0

cpe:2.3:a:arm:mbed_tls:2.2.0
Arm » Mbed Tls » Version: 2.2.1

cpe:2.3:a:arm:mbed_tls:2.2.1
Arm » Mbed Tls » Version: 2.2.2

cpe:2.3:a:arm:mbed_tls:2.2.2
Arm » Mbed Tls » Version: 2.2.3

cpe:2.3:a:arm:mbed_tls:2.2.3
Arm » Mbed Tls » Version: 2.20.0

cpe:2.3:a:arm:mbed_tls:2.20.0
Arm » Mbed Tls » Version: 2.21.0

cpe:2.3:a:arm:mbed_tls:2.21.0
Arm » Mbed Tls » Version: 2.22.0

cpe:2.3:a:arm:mbed_tls:2.22.0
Arm » Mbed Tls » Version: 2.23.0

cpe:2.3:a:arm:mbed_tls:2.23.0
Arm » Mbed Tls » Version: 2.24.0

cpe:2.3:a:arm:mbed_tls:2.24.0
Arm » Mbed Tls » Version: 2.25.0

cpe:2.3:a:arm:mbed_tls:2.25.0
Arm » Mbed Tls » Version: 2.26.0

cpe:2.3:a:arm:mbed_tls:2.26.0
Arm » Mbed Tls » Version: 2.27.0

cpe:2.3:a:arm:mbed_tls:2.27.0
Arm » Mbed Tls » Version: 2.28.0

cpe:2.3:a:arm:mbed_tls:2.28.0
Arm » Mbed Tls » Version: 2.28.1

cpe:2.3:a:arm:mbed_tls:2.28.1
Arm » Mbed Tls » Version: 2.28.2

cpe:2.3:a:arm:mbed_tls:2.28.2
Arm » Mbed Tls » Version: 2.28.3

cpe:2.3:a:arm:mbed_tls:2.28.3
Arm » Mbed Tls » Version: 2.28.4

cpe:2.3:a:arm:mbed_tls:2.28.4
Arm » Mbed Tls » Version: 2.28.5

cpe:2.3:a:arm:mbed_tls:2.28.5
Arm » Mbed Tls » Version: 2.28.6

cpe:2.3:a:arm:mbed_tls:2.28.6
Arm » Mbed Tls » Version: 2.3.0

cpe:2.3:a:arm:mbed_tls:2.3.0
Arm » Mbed Tls » Version: 2.3.1

cpe:2.3:a:arm:mbed_tls:2.3.1
Arm » Mbed Tls » Version: 2.3.2

cpe:2.3:a:arm:mbed_tls:2.3.2
Arm » Mbed Tls » Version: 2.4.0

cpe:2.3:a:arm:mbed_tls:2.4.0
Arm » Mbed Tls » Version: 2.4.1

cpe:2.3:a:arm:mbed_tls:2.4.1
Arm » Mbed Tls » Version: 2.4.2

cpe:2.3:a:arm:mbed_tls:2.4.2
Arm » Mbed Tls » Version: 2.5.0

cpe:2.3:a:arm:mbed_tls:2.5.0
Arm » Mbed Tls » Version: 2.5.1

cpe:2.3:a:arm:mbed_tls:2.5.1
Arm » Mbed Tls » Version: 2.6.0

cpe:2.3:a:arm:mbed_tls:2.6.0
Arm » Mbed Tls » Version: 2.6.1

cpe:2.3:a:arm:mbed_tls:2.6.1
Arm » Mbed Tls » Version: 2.7.0

cpe:2.3:a:arm:mbed_tls:2.7.0
Arm » Mbed Tls » Version: 2.7.1

cpe:2.3:a:arm:mbed_tls:2.7.1
Arm » Mbed Tls » Version: 2.7.10

cpe:2.3:a:arm:mbed_tls:2.7.10
Arm » Mbed Tls » Version: 2.7.11

cpe:2.3:a:arm:mbed_tls:2.7.11
Arm » Mbed Tls » Version: 2.7.12

cpe:2.3:a:arm:mbed_tls:2.7.12
Arm » Mbed Tls » Version: 2.7.13

cpe:2.3:a:arm:mbed_tls:2.7.13
Arm » Mbed Tls » Version: 2.7.14

cpe:2.3:a:arm:mbed_tls:2.7.14
Arm » Mbed Tls » Version: 2.7.15

cpe:2.3:a:arm:mbed_tls:2.7.15
Arm » Mbed Tls » Version: 2.7.16

cpe:2.3:a:arm:mbed_tls:2.7.16
Arm » Mbed Tls » Version: 2.7.17

cpe:2.3:a:arm:mbed_tls:2.7.17
Arm » Mbed Tls » Version: 2.7.18

cpe:2.3:a:arm:mbed_tls:2.7.18
Arm » Mbed Tls » Version: 2.7.19

cpe:2.3:a:arm:mbed_tls:2.7.19
Arm » Mbed Tls » Version: 2.7.2

cpe:2.3:a:arm:mbed_tls:2.7.2
Arm » Mbed Tls » Version: 2.7.3

cpe:2.3:a:arm:mbed_tls:2.7.3
Arm » Mbed Tls » Version: 2.7.4

cpe:2.3:a:arm:mbed_tls:2.7.4
Arm » Mbed Tls » Version: 2.7.5

cpe:2.3:a:arm:mbed_tls:2.7.5
Arm » Mbed Tls » Version: 2.7.6

cpe:2.3:a:arm:mbed_tls:2.7.6
Arm » Mbed Tls » Version: 2.7.7

cpe:2.3:a:arm:mbed_tls:2.7.7
Arm » Mbed Tls » Version: 2.7.8

cpe:2.3:a:arm:mbed_tls:2.7.8
Arm » Mbed Tls » Version: 2.7.9

cpe:2.3:a:arm:mbed_tls:2.7.9
Arm » Mbed Tls » Version: 2.8.0

cpe:2.3:a:arm:mbed_tls:2.8.0
Arm » Mbed Tls » Version: 2.9.0

cpe:2.3:a:arm:mbed_tls:2.9.0
Arm » Mbed Tls » Version: 3.0.0

cpe:2.3:a:arm:mbed_tls:3.0.0
Arm » Mbed Tls » Version: 3.1.0

cpe:2.3:a:arm:mbed_tls:3.1.0
Arm » Mbed Tls » Version: 3.2.0

cpe:2.3:a:arm:mbed_tls:3.2.0
Arm » Mbed Tls » Version: 3.2.1

cpe:2.3:a:arm:mbed_tls:3.2.1
Arm » Mbed Tls » Version: 3.3.0

cpe:2.3:a:arm:mbed_tls:3.3.0
Arm » Mbed Tls » Version: 3.4.0

cpe:2.3:a:arm:mbed_tls:3.4.0
Arm » Mbed Tls » Version: 3.4.1

cpe:2.3:a:arm:mbed_tls:3.4.1
Arm » Mbed Tls » Version: 3.5.0

cpe:2.3:a:arm:mbed_tls:3.5.0
Arm » Mbed Tls » Version: 3.5.1

cpe:2.3:a:arm:mbed_tls:3.5.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-23170

Products

Pricing

Contact Us