CVE-2010-0928

ADVISORY - nist

Summary

OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."

EPSS Score⁠: 0.00098 (0.283)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-310⁠

Cryptographic Issues

Impacted images

Advisories

NIST

CREATED

15 years ago

UPDATED

2 months ago

ADVISORY IDCVE-2010-0928⁠

EXPLOITABILITY SCORE

1.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-310⁠

CVSS SCORE

4medium

Debian

CREATED

15 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2010-0928⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

15 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2010-0928⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Red Hat

CREATED

15 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2010-0928⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

intheWild

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDCVE-2010-0928⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY