Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-3011

An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access (and consequently produce a clone). This was demonstrated on the Google Titan Security Key, based on an NXP A7005a chip. Other FIDO U2F security keys are also impacted (Yubico YubiKey Neo and Feitian K9, K13, K21, and K40) as well as several NXP JavaCard smartcards (J3A081, J2A081, J3A041, J3D145_M59, J2D145_M59, J3D120_M60, J3D082_M60, J2D120_M60, J2D082_M60, J3D081_M59, J2D081_M59, J3D081_M61, J2D081_M61, J3D081_M59_DF, J3D081_M61_DF, J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66, J3E016_M64, J3E041_M64, J3E145_M64, J3E120_M65, J3E082_M65, J2E145_M64, J2E120_M65, J2E082_M65, J3E081_M64_DF, J3E081_M66_DF, J3E041_M66_DF, J3E016_M66_DF, J3E041_M64_DF, and J3E016_M64_DF).

Published

2021-01-07T16:15:12.120

Last Modified

2024-11-21T06:20:44.607

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.2 (MEDIUM)

CVSSv2 Vector

AV:L/AC:M/Au:N/C:P/I:N/A:N

Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

3.4

Impact Score

2.9

Weaknesses

Type: Primary
CWE-670

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Hardware	ftsafe	k13	-	Yes
Hardware	ftsafe	k21	-	Yes
Hardware	ftsafe	k40	-	Yes
Hardware	ftsafe	k9	-	Yes
Hardware	google	titan_security_key	-	Yes
Hardware	nxp	3a081	-	Yes
Hardware	nxp	a7005a	-	Yes
Hardware	nxp	j2a081	-	Yes
Hardware	nxp	j2d081_m59	-	Yes
Hardware	nxp	j2d081_m61	-	Yes
Hardware	nxp	j2d082_m60	-	Yes
Hardware	nxp	j2d120_m60	-	Yes
Hardware	nxp	j2d145_m59	-	Yes
Hardware	nxp	j2e081_m64	-	Yes
Hardware	nxp	j2e082_m65	-	Yes
Hardware	nxp	j2e120_m65	-	Yes
Hardware	nxp	j2e145_m64	-	Yes
Hardware	nxp	j3a041	-	Yes
Hardware	nxp	j3d081_m59	-	Yes
Hardware	nxp	j3d081_m59_df	-	Yes
Hardware	nxp	j3d081_m61	-	Yes
Hardware	nxp	j3d081_m61_df	-	Yes
Hardware	nxp	j3d082_m60	-	Yes
Hardware	nxp	j3d120_m60	-	Yes
Hardware	nxp	j3d145_m59	-	Yes
Hardware	nxp	j3e016_m64	-	Yes
Hardware	nxp	j3e016_m64_df	-	Yes
Hardware	nxp	j3e016_m66	-	Yes
Hardware	nxp	j3e016_m66_df	-	Yes
Hardware	nxp	j3e041_m64	-	Yes
Hardware	nxp	j3e041_m64_df	-	Yes
Hardware	nxp	j3e041_m66	-	Yes
Hardware	nxp	j3e041_m66_df	-	Yes
Hardware	nxp	j3e081_m64	-	Yes
Hardware	nxp	j3e081_m64_df	-	Yes
Hardware	nxp	j3e081_m66	-	Yes
Hardware	nxp	j3e081_m66_df	-	Yes
Hardware	nxp	j3e082_m65	-	Yes
Hardware	nxp	j3e120_m65	-	Yes
Hardware	nxp	j3e145_m64	-	Yes
Hardware	nxp	p5010	-	Yes
Hardware	nxp	p5020	-	Yes
Hardware	nxp	p5021	-	Yes
Hardware	nxp	p5040	-	Yes
Hardware	yubico	yubikey_neo	-	Yes

References

https://ninjalab.io/a-side-journey-to-titan/ Third Party Advisory ([email protected])
https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf Exploit, Technical Description, Third Party Advisory ([email protected])
https://ninjalab.io/a-side-journey-to-titan/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf Exploit, Technical Description, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)