Vulnerabilities > CVE-2020-36421 - Information Exposure Through Discrepancy vulnerability in multiple products

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
arm
debian
CWE-203

Summary

An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular exponentiation, an RSA private key used in a secure enclave could be disclosed.

Vulnerable Configurations

Part Description Count
Application
Arm
137
OS
Debian
1

Common Weakness Enumeration (CWE)