Timing Attack Vulnerability in OpenSSL 1.0.1u and Earlier Allows Recovery of ECDSA P-256 Private Keys

Timing Attack Vulnerability in OpenSSL 1.0.1u and Earlier Allows Recovery of ECDSA P-256 Private Keys

CVE-2016-7056 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys.

Learn more about our User Device Pen Test.