CVE-2021-3011
Summary
| CVE | CVE-2021-3011 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-01-07 16:15:00 UTC |
| Updated | 2023-07-20 18:53:00 UTC |
| Description | An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access (and consequently produce a clone). This was demonstrated on the Google Titan Security Key, based on an NXP A7005a chip. Other FIDO U2F security keys are also impacted (Yubico YubiKey Neo and Feitian K9, K13, K21, and K40) as well as several NXP JavaCard smartcards (J3A081, J2A081, J3A041, J3D145_M59, J2D145_M59, J3D120_M60, J3D082_M60, J2D120_M60, J2D082_M60, J3D081_M59, J2D081_M59, J3D081_M61, J2D081_M61, J3D081_M59_DF, J3D081_M61_DF, J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66, J3E016_M64, J3E041_M64, J3E145_M64, J3E120_M65, J3E082_M65, J2E145_M64, J2E120_M65, J2E082_M65, J3E081_M64_DF, J3E081_M66_DF, J3E041_M66_DF, J3E016_M66_DF, J3E041_M64_DF, and J3E016_M64_DF). |
Risk And Classification
Problem Types: CWE-203
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Ftsafe | K13 | - | All | All | All |
| Hardware | Ftsafe | K13 | - | All | All | All |
| Hardware | Ftsafe | K21 | - | All | All | All |
| Hardware | Ftsafe | K21 | - | All | All | All |
| Hardware | Ftsafe | K40 | - | All | All | All |
| Hardware | Ftsafe | K40 | - | All | All | All |
| Hardware | Ftsafe | K9 | - | All | All | All |
| Hardware | Ftsafe | K9 | - | All | All | All |
| Hardware | Titan Security Key | - | All | All | All | |
| Hardware | Titan Security Key | - | All | All | All | |
| Hardware | Nxp | 3a081 | - | All | All | All |
| Hardware | Nxp | 3a081 | - | All | All | All |
| Hardware | Nxp | A7005a | - | All | All | All |
| Hardware | Nxp | A7005a | - | All | All | All |
| Hardware | Nxp | J2a081 | - | All | All | All |
| Hardware | Nxp | J2a081 | - | All | All | All |
| Hardware | Nxp | J2d081 M59 | - | All | All | All |
| Hardware | Nxp | J2d081 M59 | - | All | All | All |
| Hardware | Nxp | J2d081 M61 | - | All | All | All |
| Hardware | Nxp | J2d081 M61 | - | All | All | All |
| Hardware | Nxp | J2d082 M60 | - | All | All | All |
| Hardware | Nxp | J2d082 M60 | - | All | All | All |
| Hardware | Nxp | J2d120 M60 | - | All | All | All |
| Hardware | Nxp | J2d120 M60 | - | All | All | All |
| Hardware | Nxp | J2d145 M59 | - | All | All | All |
| Hardware | Nxp | J2d145 M59 | - | All | All | All |
| Hardware | Nxp | J2e081 M64 | - | All | All | All |
| Hardware | Nxp | J2e081 M64 | - | All | All | All |
| Hardware | Nxp | J2e082 M65 | - | All | All | All |
| Hardware | Nxp | J2e082 M65 | - | All | All | All |
| Hardware | Nxp | J2e120 M65 | - | All | All | All |
| Hardware | Nxp | J2e120 M65 | - | All | All | All |
| Hardware | Nxp | J2e145 M64 | - | All | All | All |
| Hardware | Nxp | J2e145 M64 | - | All | All | All |
| Hardware | Nxp | J3a041 | - | All | All | All |
| Hardware | Nxp | J3a041 | - | All | All | All |
| Hardware | Nxp | J3d081 M59 | - | All | All | All |
| Hardware | Nxp | J3d081 M59 | - | All | All | All |
| Hardware | Nxp | J3d081 M59 Df | - | All | All | All |
| Hardware | Nxp | J3d081 M59 Df | - | All | All | All |
| Hardware | Nxp | J3d081 M61 | - | All | All | All |
| Hardware | Nxp | J3d081 M61 | - | All | All | All |
| Hardware | Nxp | J3d081 M61 Df | - | All | All | All |
| Hardware | Nxp | J3d081 M61 Df | - | All | All | All |
| Hardware | Nxp | J3d082 M60 | - | All | All | All |
| Hardware | Nxp | J3d082 M60 | - | All | All | All |
| Hardware | Nxp | J3d120 M60 | - | All | All | All |
| Hardware | Nxp | J3d120 M60 | - | All | All | All |
| Hardware | Nxp | J3d145 M59 | - | All | All | All |
| Hardware | Nxp | J3d145 M59 | - | All | All | All |
| Hardware | Nxp | J3e016 M64 | - | All | All | All |
| Hardware | Nxp | J3e016 M64 | - | All | All | All |
| Hardware | Nxp | J3e016 M64 Df | - | All | All | All |
| Hardware | Nxp | J3e016 M64 Df | - | All | All | All |
| Hardware | Nxp | J3e016 M66 | - | All | All | All |
| Hardware | Nxp | J3e016 M66 | - | All | All | All |
| Hardware | Nxp | J3e016 M66 Df | - | All | All | All |
| Hardware | Nxp | J3e016 M66 Df | - | All | All | All |
| Hardware | Nxp | J3e041 M64 | - | All | All | All |
| Hardware | Nxp | J3e041 M64 | - | All | All | All |
| Hardware | Nxp | J3e041 M64 Df | - | All | All | All |
| Hardware | Nxp | J3e041 M64 Df | - | All | All | All |
| Hardware | Nxp | J3e041 M66 | - | All | All | All |
| Hardware | Nxp | J3e041 M66 | - | All | All | All |
| Hardware | Nxp | J3e041 M66 Df | - | All | All | All |
| Hardware | Nxp | J3e041 M66 Df | - | All | All | All |
| Hardware | Nxp | J3e081 M64 | - | All | All | All |
| Hardware | Nxp | J3e081 M64 | - | All | All | All |
| Hardware | Nxp | J3e081 M64 Df | - | All | All | All |
| Hardware | Nxp | J3e081 M64 Df | - | All | All | All |
| Hardware | Nxp | J3e081 M66 | - | All | All | All |
| Hardware | Nxp | J3e081 M66 | - | All | All | All |
| Hardware | Nxp | J3e081 M66 Df | - | All | All | All |
| Hardware | Nxp | J3e081 M66 Df | - | All | All | All |
| Hardware | Nxp | J3e082 M65 | - | All | All | All |
| Hardware | Nxp | J3e082 M65 | - | All | All | All |
| Hardware | Nxp | J3e120 M65 | - | All | All | All |
| Hardware | Nxp | J3e120 M65 | - | All | All | All |
| Hardware | Nxp | J3e145 M64 | - | All | All | All |
| Hardware | Nxp | J3e145 M64 | - | All | All | All |
| Hardware | Nxp | P5010 | - | All | All | All |
| Hardware | Nxp | P5010 | - | All | All | All |
| Hardware | Nxp | P5020 | - | All | All | All |
| Hardware | Nxp | P5020 | - | All | All | All |
| Hardware | Nxp | P5021 | - | All | All | All |
| Hardware | Nxp | P5021 | - | All | All | All |
| Hardware | Nxp | P5040 | - | All | All | All |
| Hardware | Nxp | P5040 | - | All | All | All |
| Hardware | Nxp | Smartmx2 P60 | - | All | All | All |
| Hardware | Nxp | Smartmx2 P60 | - | All | All | All |
| Hardware | Nxp | Smartmx3 P71d320 | - | All | All | All |
| Hardware | Nxp | Smartmx3 P71d320 | - | All | All | All |
| Hardware | Nxp | Smartmx3 P71d321 | - | All | All | All |
| Hardware | Nxp | Smartmx3 P71d321 | - | All | All | All |
| Hardware | Yubico | Yubikey Neo | - | All | All | All |
| Hardware | Yubico | Yubikey Neo | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf | MISC | ninjalab.io | Exploit, Technical Description, Third Party Advisory |
| A Side Journey to Titan - NinjaLab | MISC | ninjalab.io | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 590982 Rockwell Automation ControlLogix, GuardLogix, Compact GuardLogix, CompactLogix Vulnerability (PN1542)