CVE-2010-0928

CVE-2010-0928 · MEDIUM Severity

AV:L/AC:H/AU:N/C:C/I:N/A:N

OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."

Learn more about our Physical Security Assessment.