CVE-2020-27208

The flash read-out protection (RDP) level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token. This allows an adversary to downgrade the RDP level and access secrets such as private ECC keys from SRAM via the debug interface.

CVSS v3 6.8 MEDIUM
CVSS v2.0 4.6 MEDIUM

6.8^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.9 / Impact : 5.9

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://eprint.iacr.org/2021/640	Third Party Advisory
https://github.com/solokeys/solo/commit/a9c02cd354f34b48195a342c7f524abdef5cbcec	Patch Third Party Advisory
https://solokeys.com	Product
https://twitter.com/SoloKeysSec	Product
https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html	Third Party Advisory
https://www.aisec.fraunhofer.de/en/FirmwareProtection.html	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:solokeys:solo_firmware:4.0.0:*:*:*:*:*:*:*

cpe:2.3:h:solokeys:solo:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:solokeys:somu_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:solokeys:somu:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:nitrokey:fido2_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:nitrokey:fido2:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2021-05-21 12:15

Updated : 2021-05-28 15:41

NVD link : CVE-2020-27208

Mitre link : CVE-2020-27208

CVE.ORG link : CVE-2020-27208

JSON object : View

Products Affected

solokeys

somu_firmware
solo_firmware
somu
solo

nitrokey

fido2_firmware
fido2

CWE

CWE-326

Inadequate Encryption Strength

{"id": "CVE-2020-27208", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.9}]}, "published": "2021-05-21T12:15:07.663", "references": [{"url": "https://eprint.iacr.org/2021/640", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/solokeys/solo/commit/a9c02cd354f34b48195a342c7f524abdef5cbcec", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://solokeys.com", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://twitter.com/SoloKeysSec", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.aisec.fraunhofer.de/en/FirmwareProtection.html", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-326"}]}], "descriptions": [{"lang": "en", "value": "The flash read-out protection (RDP) level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token. This allows an adversary to downgrade the RDP level and access secrets such as private ECC keys from SRAM via the debug interface."}, {"lang": "es", "value": "El nivel de protecci\u00f3n de lectura flash (RDP) no se aplica durante la fase de inicializaci\u00f3n del dispositivo del SoloKeys Solo 4.0.0 & Somu y el token de Nitrokey FIDO2. Esto permite a un adversario degradar el nivel de RDP y acceder a secretos como claves ECC privadas de SRAM por medio de la interfaz de depuraci\u00f3n"}], "lastModified": "2021-05-28T15:41:32.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:solokeys:solo_firmware:4.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9F4A1941-6161-4C38-945C-298984D12855"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:solokeys:solo:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "34CA8B4C-315B-44DC-9167-D124735508E6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:solokeys:somu_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE13529D-B23F-43C3-A82A-BD82C671DB56"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:solokeys:somu:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "842068EB-B958-45E3-A1FF-332D4617ABD5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:nitrokey:fido2_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA9A941B-1849-47BB-ABC0-743FD1A4E330"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nitrokey:fido2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C6CA2A4B-E52A-4F7A-82B7-7CFBC69354D0"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}