Vulnerabilities > CVE-2020-12788 - Information Exposure Through Discrepancy vulnerability in Microchip products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

microchip

CWE-203

NVD

Published: 2020-09-14

Updated: 2020-09-18

Summary

CMAC verification functionality in Microchip Atmel ATSAMA5 products is vulnerable to vulnerable to timing and power analysis attacks.

Vulnerable Configurations

Part	Description	Count
OS	Microchip Microchip Atsama5D21C CU Firmware - Microchip Atsama5D21C CUR Firmware - Microchip Atsama5D22C CN Firmware - Microchip Atsama5D22C CNR Firmware - Microchip Atsama5D22C CU Firmware - Microchip Atsama5D22C CUR Firmware - Microchip Atsama5D23C CN Firmware - Microchip Atsama5D23C CNR Firmware - Microchip Atsama5D23C CU Firmware - Microchip Atsama5D23C CUR Firmware - Microchip Atsama5D24C CU Firmware - Microchip Atsama5D24C CUF Firmware - Microchip Atsama5D24C CUR Firmware - Microchip Atsama5D26C CN Firmware - Microchip Atsama5D26C CNR Firmware - Microchip Atsama5D26C CU Firmware - Microchip Atsama5D26C CUR Firmware - Microchip Atsama5D27C CN Firmware - Microchip Atsama5D27C CNR Firmware - Microchip Atsama5D27C CU Firmware - Microchip Atsama5D27C CUR Firmware - Microchip Atsama5D28C CN Firmware - Microchip Atsama5D28C CNR Firmware - Microchip Atsama5D28C CU Firmware - Microchip Atsama5D28C CUR Firmware - Microchip Atsama5D27C Cnvao Firmware - Microchip Atsama5D27C Cnrvao Firmware - Microchip Atsama5D225C D1M CUR Firmware - Microchip Atsama5D27C D5M CU Firmware - Microchip Atsama5D27C D5M CUR Firmware - Microchip Atsama5D27C D1G CU Firmware - Microchip Atsama5D27C D1G CUR Firmware - Microchip Atsama5D28C D1G CU Firmware - Microchip Atsama5D28C D1G CUR Firmware - Microchip Atsama5D27C Ld1G CU Firmware - Microchip Atsama5D27C Ld1G CUR Firmware - Microchip Atsama5D27C Ld2G CU Firmware - Microchip Atsama5D27C Ld2G CUR Firmware - Microchip Atsama5D28C Ld1G CU Firmware - Microchip Atsama5D28C Ld1G CUR Firmware - Microchip Atsama5D28C Ld2G CU Firmware - Microchip Atsama5D28C Ld2G CUR Firmware - Microchip Atsama5D27 Wlsom1 Firmware - Microchip Atsama5D27 Som1 Firmware - Microchip Atsama5D31A CU Firmware - Microchip Atsama5D31A CUR Firmware - Microchip Atsama5D31A CFU Firmware - Microchip Atsama5D31A Cfur Firmware - Microchip Atsama5D33A CU Firmware - Microchip Atsama5D33A CUR Firmware - Microchip Atsama5D34A CU Firmware - Microchip Atsama5D34A CUR Firmware - Microchip Atsama5D35A CU Firmware - Microchip Atsama5D35A CUR Firmware - Microchip Atsama5D35A CN Firmware - Microchip Atsama5D35A CNR Firmware - Microchip Atsama5D36A CU Firmware - Microchip Atsama5D36A CUR Firmware - Microchip Atsama5D36A CN Firmware - Microchip Atsama5D36A CNR Firmware - Microchip Atsama5D41A CU Firmware - Microchip Atsama5D41A CUR Firmware - Microchip Atsama5D41B CU Firmware - Microchip Atsama5D41B CUR Firmware - Microchip Atsama5D42A CU Firmware - Microchip Atsama5D42A CUR Firmware - Microchip Atsama5D42B CU Firmware - Microchip Atsama5D42B CUR Firmware - Microchip Atsama5D43A CU Firmware - Microchip Atsama5D43A CUR Firmware - Microchip Atsama5D43B CU Firmware - Microchip Atsama5D43B CUR Firmware - Microchip Atsama5D44A CU Firmware - Microchip Atsama5D44A CUR Firmware - Microchip Atsama5D44B CU Firmware - Microchip Atsama5D44B CUR Firmware -	76
Hardware	Microchip Microchip Atsama5D21C CU - Microchip Atsama5D21C CUR - Microchip Atsama5D22C CN - Microchip Atsama5D22C CNR - Microchip Atsama5D22C CU - Microchip Atsama5D22C CUR - Microchip Atsama5D23C CN - Microchip Atsama5D23C CNR - Microchip Atsama5D23C CU - Microchip Atsama5D23C CUR - Microchip Atsama5D24C CU - Microchip Atsama5D24C CUF - Microchip Atsama5D24C CUR - Microchip Atsama5D26C CN - Microchip Atsama5D26C CNR - Microchip Atsama5D26C CU - Microchip Atsama5D26C CUR - Microchip Atsama5D27C CN - Microchip Atsama5D27C CNR - Microchip Atsama5D27C CU - Microchip Atsama5D27C CUR - Microchip Atsama5D28C CN - Microchip Atsama5D28C CNR - Microchip Atsama5D28C CU - Microchip Atsama5D28C CUR - Microchip Atsama5D27C Cnvao - Microchip Atsama5D27C Cnrvao - Microchip Atsama5D225C D1M CUR - Microchip Atsama5D27C D5M CU - Microchip Atsama5D27C D5M CUR - Microchip Atsama5D27C D1G CU - Microchip Atsama5D27C D1G CUR - Microchip Atsama5D28C D1G CU - Microchip Atsama5D28C D1G CUR - Microchip Atsama5D27C Ld1G CU - Microchip Atsama5D27C Ld1G CUR - Microchip Atsama5D27C Ld2G CU - Microchip Atsama5D27C Ld2G CUR - Microchip Atsama5D28C Ld1G CU - Microchip Atsama5D28C Ld1G CUR - Microchip Atsama5D28C Ld2G CU - Microchip Atsama5D28C Ld2G CUR - Microchip Atsama5D27 Wlsom1 - Microchip Atsama5D27 Som1 - Microchip Atsama5D31A CU - Microchip Atsama5D31A CUR - Microchip Atsama5D31A CFU - Microchip Atsama5D31A Cfur - Microchip Atsama5D33A CU - Microchip Atsama5D33A CUR - Microchip Atsama5D34A CU - Microchip Atsama5D34A CUR - Microchip Atsama5D35A CU - Microchip Atsama5D35A CUR - Microchip Atsama5D35A CN - Microchip Atsama5D35A CNR - Microchip Atsama5D36A CU - Microchip Atsama5D36A CUR - Microchip Atsama5D36A CN - Microchip Atsama5D36A CNR - Microchip Atsama5D41A CU - Microchip Atsama5D41A CUR - Microchip Atsama5D41B CU - Microchip Atsama5D41B CUR - Microchip Atsama5D42A CU - Microchip Atsama5D42A CUR - Microchip Atsama5D42B CU - Microchip Atsama5D42B CUR - Microchip Atsama5D43A CU - Microchip Atsama5D43A CUR - Microchip Atsama5D43B CU - Microchip Atsama5D43B CUR - Microchip Atsama5D44A CU - Microchip Atsama5D44A CUR - Microchip Atsama5D44B CU - Microchip Atsama5D44B CUR -	76

Common Weakness Enumeration (CWE)

CWE-203 - Information Exposure Through Discrepancy

References

https://labs.f-secure.com/advisories/microchip-atsama5-soc-multiple-vulnerabilities/