Cache-based RSA Key Extraction Vulnerability in wolfSSL Versions Before 3.10.2

Cache-based RSA Key Extraction Vulnerability in wolfSSL Versions Before 3.10.2

CVE-2017-6076 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

In versions of wolfSSL before 3.10.2 the function fp_mul_comba makes it easier to extract RSA key information for a malicious user who has access to view cache on a machine.

Learn more about our User Device Pen Test.