Billy Bob Brumley

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 80 Firefox for Android versions prior to 80 **Description** The issue is related to the modular inversion function in the Network Security Services (NSS) library, which contains defects in cryptographic algorithms. This could allow an attacker to gain unauthorized access to protected information through a possible timing-based side channel attack when converting coordinates from projective to affine. **Recommendations** For Firefox versions prior to 80, update to version 80 or later. For Firefox for Android versions prior to 80, update to version 80 or later.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 80 Firefox for Android versions prior to 80 **Description** The issue is related to the ECDSA signature generation process, where the removal of padding in the nonce leads to variable-time execution that depends on secret data. This could potentially allow an attacker to gain unauthorized access to protected information. The estimated number of potentially affected devices worldwide is not specified. **Recommendations** For Firefox versions prior to 80, update to version 80 or later to resolve the issue. For Firefox for Android versions prior to 80, update to version 80 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** wolfSSL versions prior to 4.4.0 **Description** The issue concerns the private-key operations in ecc.c, which do not use a constant-time modular inverse when mapping to affine coordinates. This is also known as a "projective coordinates leak." **Recommendations** For versions prior to 4.4.0, update to version 4.4.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 80 Firefox for Android versions prior to 80 SAP NetWeaver (affected versions not specified) **Description** The issue is related to the use of the wNAF point multiplication algorithm during EC scalar point multiplication, which leaked partial information about the nonce used during signature generation. This allowed an attacker to compute the private key given an electro-magnetic trace of a few signature generations. Additionally, there is a vulnerability in the Knowledge Management component of the SAP NetWeaver platform related to the failure to neutralize script-related HTML tags on a web page, which could enable a remote attacker to perform cross-site scripting attacks. **Recommendations** For Firefox versions prior to 80, update to version 80 or later. For Firefox for Android versions prior to 80, update to version 80 or later. For SAP NetWeaver, restrict access to the vulnerable Knowledge Management component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for the SAP NetWeaver vulnerability.

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 78 Description: The issue is related to weaknesses in the cryptographic algorithms used by the Network Security Services (NSS) library. It allows an attacker to gain access to confidential data by exploiting a side channel attack during RSA key generation. Specifically, the bignum implementations used a variation of the Binary Extended Euclidean Algorithm, which had input-dependent flow, enabling attackers to record traces and recover secret primes through electromagnetic-based side channel attacks. Note that an unmodified Firefox browser is not affected in normal operation, but products built on top of it might be. Recommendations: For Firefox versions prior to 78, update to version 78 or later to resolve the issue. As a temporary workaround, consider restricting RSA key generation in affected products until a patch is available.