Required CVE Record Information
Description
An attacker with physical access to Nuvoton Trusted Platform Module (NPCT75x 7.2.x before 7.2.2.0) could extract an Elliptic Curve Cryptography (ECC) private key via a side-channel attack against ECDSA, because of an Observable Timing Discrepancy.
CVSS 1 Total
| Score | Severity | Version | Vector String |
|---|---|---|---|
| 3.8 | LOW | 3.1 | CVSS:3.1/AC:H/AV:P/A:N/C:H/I:N/PR:H/S:U/UI:N |
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.