PT-2021-16680 · Keymaster · Keymaster
Alon Shakevsky
+2
·
Published
2021-10-06
·
Updated
2022-08-01
·
CVE-2021-25490
CVSS v3.1
6.0
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions:
keymaster versions prior to SMR Oct-2021 Release 1
Description:
A keyblob downgrade attack in keymaster allows an attacker to trigger an IV reuse issue with a privileged process.
Recommendations:
For versions prior to SMR Oct-2021 Release 1, update to SMR Oct-2021 Release 1 or later to resolve the issue.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Keymaster