CVE-2017-3225

Name of the Vulnerable Software and Affected Versions: Das U-Boot (affected versions not specified)

Description: The issue concerns Das U-Boot's use of a zero initialization vector in its AES-CBC encryption feature, which may allow attacks against the underlying cryptographic implementation. This could enable an attacker to decrypt the data by performing dictionary attacks on encrypted data produced by Das U-Boot, potentially revealing information about the encrypted data.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.