CVE-2017-13091

Name of the Vulnerable Software and Affected Versions: IEEE P1735 (affected versions not specified)

Description: The P1735 IEEE standard has flawed methods for encrypting electronic-design intellectual property (IP) and managing access rights. Specifically, the improperly specified padding in CBC mode can be exploited, allowing the use of an EDA tool as a decryption oracle. This flaw enables attack vectors that can recover the entire underlying plaintext IP. Implementations of this standard may be weak to cryptographic attacks, potentially allowing attackers to obtain plaintext intellectual property without the key.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.