A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman (ECDH) key
This vulnerability describes a side-channel attack where an attacker with physical access to a Trusted Platform Module (TPM) can extract sensitive Elliptic Curve Diffie-Hellman (ECDH) keys. This type of attack exploits subtle physical characteristics or timing differences, rather than software flaws, to glean secret information.
A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman (ECDH) key.
Systems relying on TPMs for ECDH key protection are at low risk of key extraction if physical security is compromised.
Monitor & Review
Low severity — keep this CVE on your radar and patch during routine maintenance.
What should I do?
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
0
Affected Products
1
References
CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Exploitability
Impact