Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-19608

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-05 Dec, 2018 | 22:00
Updated At-05 Aug, 2024 | 11:44
Rejected At-
Credits

Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:05 Dec, 2018 | 22:00
Updated At:05 Aug, 2024 | 11:44
Rejected At:
▼CVE Numbering Authority (CNA)

Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03
x_refsource_CONFIRM
http://cat.eyalro.net/
x_refsource_MISC
https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released
x_refsource_CONFIRM
Hyperlink: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03
Resource:
x_refsource_CONFIRM
Hyperlink: http://cat.eyalro.net/
Resource:
x_refsource_MISC
Hyperlink: https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03
x_refsource_CONFIRM
x_transferred
http://cat.eyalro.net/
x_refsource_MISC
x_transferred
https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released
x_refsource_CONFIRM
x_transferred
Hyperlink: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://cat.eyalro.net/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:05 Dec, 2018 | 22:29
Updated At:24 Aug, 2020 | 17:37

Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.04.7MEDIUM
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary2.01.9LOW
AV:L/AC:M/Au:N/C:P/I:N/A:N
Type: Primary
Version: 3.0
Base score: 4.7
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 2.0
Base score: 1.9
Base severity: LOW
Vector:
AV:L/AC:M/Au:N/C:P/I:N/A:N
CPE Matches
Arm Limited
arm
>>mbed_tls>>Versions from 2.1.0(inclusive) to 2.1.17(exclusive)
cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*
Arm Limited
arm
>>mbed_tls>>Versions from 2.7.0(inclusive) to 2.7.8(exclusive)
cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*
Arm Limited
arm
>>mbed_tls>>Versions from 2.14.0(inclusive) to 2.14.1(exclusive)
cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-269Primarynvd@nist.gov
CWE ID: CWE-269
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://cat.eyalro.net/cve@mitre.org
Third Party Advisory
https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-releasedcve@mitre.org
Third Party Advisory
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03cve@mitre.org
Third Party Advisory
Hyperlink: http://cat.eyalro.net/
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

9Records found
CVE-2018-0498
Matching Score-8
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-8
Assigner-Debian GNU/Linux
CVSS Score-4.7||MEDIUM
EPSS-0.19% / 41.44%
||
7 Day CHG~0.00%
Published-28 Jul, 2018 | 17:00
Updated-05 Aug, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.

Action-Not Available
Vendor-n/aDebian GNU/LinuxArm Limited
Product-mbed_tlsdebian_linuxARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14
CVE-2017-5715
Matching Score-8
Assigner-Intel Corporation
ShareView Details
Matching Score-8
Assigner-Intel Corporation
CVSS Score-5.6||MEDIUM
EPSS-90.66% / 99.60%
||
7 Day CHG~0.00%
Published-04 Jan, 2018 | 13:00
Updated-06 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Action-Not Available
Vendor-Debian GNU/LinuxOracle CorporationSiemens AGNetApp, Inc.Intel CorporationCanonical Ltd.Arm Limited
Product-xeon_e3_1230_v3atom_x7-e3950xeon_e3_1505l_v6xeon_phidebian_linuxxeon_e3_1125c_v2xeon_e3_1245_v6xeon_e5_2623_v3xeon_e3_1271_v3xeon_e3_1275_v3xeon_e5_1650communications_diameter_signaling_routersimatic_winac_rtx_\(f\)_2010xeon_e3_1220xeon_e3_1265l_v4core_m5xeon_e5_2603_v4xeon_e5_2407_v2xeon_e3_1285_v4xeon_e5_2630lxeon_e5_2640_v2xeon_e3_1270xeon_e5_1660_v2xeon_e3_1245xeon_e3_1505l_v5xeon_e5_2648lxeon_e5_2450xeon_e5_2609_v2vm_virtualboxxeon_e5_2650xeon_e3_1290xeon_e5_2470_v2xeon_e5_2470xeon_e5_2450l_v2xeon_e5_2630l_v2xeon_e5_2637xeon_e3_1246_v3xeon_e5_2648l_v4xeon_e5_2637_v2xeon_e5_2418l_v3core_i5core_i7xeon_e3xeon_e3_1240_v5xeon_platinumcortex-axeon_e3_1125cxeon_e3_1285_v6xeon_e5_2608l_v4simatic_winac_rtx_\(f\)_firmwarexeon_e5_2643_v4xeon_e5_2650_v2xeon_e5_2650lxeon_e5_1620_v4xeon_e5_1650_v4xeon_e5_2420xeon_e5_2650l_v2xeon_e3_1220l_v3xeon_e3_1278l_v4xeon_e5_2608l_v3xeon_e5_1630_v3xeon_e3_1225xeon_e3_1220_v3xeon_e5_2428l_v2xeon_e7atom_x3xeon_e5_2430lxeon_e3_1275_v6xeon_e3_1275l_v3xeon_e5_1428l_v2xeon_e5_2618l_v2xeon_e5_1428l_v3xeon_e5_2620xeon_e5_1680_v3xeon_e3_1230l_v3xeon_e3_1240l_v3xeon_e3_1230_v5xeon_e5_1650_v2xeon_e5_2603_v2pentium_nxeon_e5_2620_v2xeon_e5_2630_v2xeon_e-1105cxeon_e5_1630_v4xeon_e3_1501m_v6xeon_e5_2407celeron_jxeon_e3_1231_v3xeon_e3_1240l_v5xeon_e3_1260l_v5xeon_e5_2643_v3xeon_e3_1268l_v3atom_zxeon_e5_2438l_v3xeon_e5_2420_v2pentium_jcore_m3xeon_e3_1270_v3xeon_e3_1240_v6xeon_e3_1285l_v4xeon_e3_1501l_v6xeon_e5_2630xeon_e3_1230_v2xeon_e3_1275xeon_e5_2418lxeon_e5_2628l_v3xeon_e3_1105c_v2xeon_e5_2648l_v2xeon_e3_1280_v2xeon_e5_2648l_v3core_i3xeon_e5_2618l_v3xeon_e3_1220_v5xeon_e5_2430_v2xeon_e3_1230_v6xeon_e5_2403_v2celeron_nxeon_e5_1660_v4xeon_e5_2450_v2xeon_e5_2440_v2ubuntu_linuxxeon_e5_2640_v4xeon_e5_2650_v4xeon_e3_1225_v3atom_x5-e3940xeon_e3_1260lxeon_e5_2448lxeon_e3_1235xeon_e5_2628l_v2xeon_e3_1230xeon_e3_1281_v3xeon_e5_1660xeon_e3_1245_v5xeon_e3_1270_v2xeon_e5_2620_v3xeon_e5_2650l_v3core_mxeon_e5_2440xeon_e5_2643_v2xeon_e3_12201atom_ehci_compute_nodexeon_e3_1225_v6xeon_e3_1270_v6xeon_e5_2623_v4xeon_e3_1285_v3xeon_e5xeon_e5_2640_v3xeon_e3_1235l_v5xeon_e5_2609solidfirexeon_e5_2609_v4xeon_e5_2609_v3atom_x5-e3930xeon_e3_12201_v2xeon_e3_1290_v2xeon_e3_1280_v3xeon_e5_2450lxeon_e5_1620_v3xeon_goldxeon_e3_1275_v5xeon_e5_2403xeon_e5_2620_v4xeon_e5_2628l_v4xeon_e5_2618l_v4atom_cxeon_e3_1225_v2xeon_e3_1240xeon_e3_1275_v2xeon_e5_2630l_v3xeon_e3_1220_v6xeon_bronze_3104xeon_e3_1270_v5xeon_e5_2603_v3xeon_bronze_3106xeonxeon_e3_1241_v3xeon_e3_1505m_v5xeon_e3_1220_v2xeon_e5_2430xeon_e3_1280_v6xeon_e3_1258l_v4xeon_e5_1650_v3xeon_e5_1428lxeon_silverxeon_e5_2428lxeon_e5_2630_v3xeon_e3_1225_v5xeon_e5_1620_v2xeon_e3_1245_v3xeon_e3_1268l_v5xeon_e5_2640xeon_e5_2418l_v2xeon_e5_2408l_v3xeon_e5_2430l_v2xeon_e5_2448l_v2xeon_e3_1276_v3xeon_e3_1265l_v3xeon_e5_2428l_v3xeon_e5_2650_v3xeon_e3_1280_v5xeon_e5_2630_v4xeon_e3_1280xeon_e3_1286l_v3xeon_e5_1680_v4xeon_e5_2637_v4xeon_e5_2630l_v4xeon_e5_2643xeon_e5_1620core_m7xeon_e3_1226_v3xeon_e3_1240_v2xeon_e3_1245_v2xeon_e5_2603xeon_e3_1286_v3xeon_e5_2637_v3xeon_e3_1265l_v2hci_management_nodexeon_e5_1660_v3xeon_e3_1285l_v3xeon_e3_1240_v3Microprocessors with Speculative Execution
CWE ID-CWE-203
Observable Discrepancy
CVE-2022-23960
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.6||MEDIUM
EPSS-0.14% / 35.15%
||
7 Day CHG~0.00%
Published-12 Mar, 2022 | 23:57
Updated-03 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information.

Action-Not Available
Vendor-n/aDebian GNU/LinuxXen ProjectArm Limited
Product-cortex-a76aecortex-x2_firmwarecortex-a75cortex-a65ae_firmwarecortex-a78ae_firmwarecortex-r8cortex-a77_firmwarecortex-a57neoverse_n2_firmwareneoverse_n2cortex-a65aeneoverse-e1cortex-a710cortex-x2cortex-a78neoverse_n1_firmwarecortex-a72_firmwarecortex-r8_firmwarexencortex-a77cortex-x1cortex-a57_firmwarecortex-a65_firmwarecortex-r7_firmwarecortex-a78_firmwarecortex-a65cortex-a78aeneoverse-e1_firmwareneoverse-v1cortex-a76ae_firmwareneoverse_n1cortex-a710_firmwaredebian_linuxcortex-x1_firmwarecortex-a75_firmwarecortex-a76_firmwarecortex-a73_firmwarecortex-a76cortex-a72cortex-a73neoverse-v1_firmwarecortex-r7n/a
CVE-2020-10932
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.03% / 5.66%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 00:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by exploiting side channels in the conversion to affine coordinates; (2) using an attack described by Naccache, Smart, and Stern in 2003 to recover a few bits of the ephemeral scalar from those projective coordinates via several measurements; and (3) using a lattice attack to get from there to the long-term ECDSA private key used for the signatures. Typically an attacker would have sufficient access when attacking an SGX enclave and controlling the untrusted OS.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectArm Limited
Product-mbed_tlsdebian_linuxfedoran/a
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CWE ID-CWE-203
Observable Discrepancy
CVE-2019-18222
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.06% / 19.38%
||
7 Day CHG~0.00%
Published-23 Jan, 2020 | 00:00
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectArm Limited
Product-mbed_tlsdebian_linuxfedorambed_crypton/a
CWE ID-CWE-203
Observable Discrepancy
CVE-2020-36424
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.09% / 26.06%
||
7 Day CHG~0.00%
Published-19 Jul, 2021 | 00:00
Updated-04 Aug, 2024 | 17:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values.

Action-Not Available
Vendor-n/aDebian GNU/LinuxArm Limited
Product-mbed_tlsdebian_linuxn/a
CWE ID-CWE-203
Observable Discrepancy
CVE-2022-25368
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.27% / 50.38%
||
7 Day CHG~0.00%
Published-09 Mar, 2022 | 18:17
Updated-03 Aug, 2024 | 04:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Spectre BHB is a variant of Spectre-v2 in which malicious code uses the shared branch history (stored in the CPU BHB) to influence mispredicted branches in the victim's hardware context. Speculation caused by these mispredicted branches can then potentially be used to cause cache allocation, which can then be used to infer information that should be protected.

Action-Not Available
Vendor-amperecomputingn/aArm Limited
Product-cortex-a76aecortex-x2_firmwarecortex-a75cortex-a65ae_firmwarecortex-a78ae_firmwareampere_altra_firmwarecortex-a78c_firmwarecortex-a77_firmwarecortex-a57neoverse_n2_firmwareneoverse_n2cortex-a15cortex-a65aeneoverse-e1cortex-a710cortex-x2cortex-a78neoverse_n1_firmwarecortex-a78ccortex-a15_firmwarecortex-a72_firmwareampere_altra_maxcortex-a77cortex-a57_firmwarecortex-x1cortex-a65_firmwareampere_altra_max_firmwarecortex-a78_firmwareampere_altracortex-a65neoverse-e1_firmwarecortex-a78aeneoverse-v1cortex-a76ae_firmwareneoverse_n1cortex-a710_firmwarecortex-x1_firmwarecortex-a75_firmwarecortex-a76_firmwarecortex-a73_firmwarecortex-a76cortex-a72cortex-a73neoverse-v1_firmwaren/a
CVE-2012-2148
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-3.3||LOW
EPSS-0.10% / 28.68%
||
7 Day CHG~0.00%
Published-06 Dec, 2019 | 17:35
Updated-06 Aug, 2024 | 19:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies

Action-Not Available
Vendor-jbossas4Linux Kernel Organization, IncRed Hat, Inc.
Product-jboss_community_application_serverjboss_enterprise_web_serverlinux_kernelAS
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-11288
Matching Score-4
Assigner-VMware by Broadcom
ShareView Details
Matching Score-4
Assigner-VMware by Broadcom
CVSS Score-7.3||HIGH
EPSS-0.09% / 26.93%
||
7 Day CHG~0.00%
Published-27 Jan, 2020 | 18:50
Updated-17 Sep, 2024 | 04:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
tcServer JMX Socket Listener Registry Rebinding Local Privilege Escalation

In Pivotal tc Server, 3.x versions prior to 3.2.19 and 4.x versions prior to 4.0.10, and Pivotal tc Runtimes, 7.x versions prior to 7.0.99.B, 8.x versions prior to 8.5.47.A, and 9.x versions prior to 9.0.27.A, when a tc Runtime instance is configured with the JMX Socket Listener, a local attacker without access to the tc Runtime process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the tc Runtime instance.

Action-Not Available
Vendor-VMware (Broadcom Inc.)
Product-tc_servertc_runtimesPivotal tc Server 3.xPivotal tc Server 3.x RuntimesPivotal tc Server 4.x RuntimesPivotal tc Server 4.x
CWE ID-CWE-269
Improper Privilege Management
Details not found