Strix
26.1K

CVE-2020-12788

HIGHCVSS 7.5/10EPSS 1.34%

Last modified

CVE-2020-12788 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. CMAC verification functionality in Microchip Atmel ATSAMA5 products is vulnerable to vulnerable to timing and power analysis attacks.. EPSS estimates a 1.34% chance of exploitation in the next 30 days.

Description

CMAC verification functionality in Microchip Atmel ATSAMA5 products is vulnerable to vulnerable to timing and power analysis attacks.

Metrics

CVSS 3.1
7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS Probability
1.34%

67.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
MicrochipAtsama5d21c-Cu FirmwareAll versions
MicrochipAtsama5d21c-Cur FirmwareAll versions
MicrochipAtsama5d22c-Cn FirmwareAll versions
MicrochipAtsama5d22c-Cnr FirmwareAll versions
MicrochipAtsama5d22c-Cu FirmwareAll versions
MicrochipAtsama5d22c-Cur FirmwareAll versions
MicrochipAtsama5d23c-Cn FirmwareAll versions
MicrochipAtsama5d23c-Cnr FirmwareAll versions
MicrochipAtsama5d23c-Cu FirmwareAll versions
MicrochipAtsama5d23c-Cur FirmwareAll versions
MicrochipAtsama5d24c-Cu FirmwareAll versions
MicrochipAtsama5d24c-Cuf FirmwareAll versions
MicrochipAtsama5d24c-Cur FirmwareAll versions
MicrochipAtsama5d26c-Cn FirmwareAll versions
MicrochipAtsama5d26c-Cnr FirmwareAll versions
MicrochipAtsama5d26c-Cu FirmwareAll versions
MicrochipAtsama5d26c-Cur FirmwareAll versions
MicrochipAtsama5d27c-Cn FirmwareAll versions
MicrochipAtsama5d27c-Cnr FirmwareAll versions
MicrochipAtsama5d27c-Cu FirmwareAll versions
MicrochipAtsama5d27c-Cur FirmwareAll versions
MicrochipAtsama5d28c-Cn FirmwareAll versions
MicrochipAtsama5d28c-Cnr FirmwareAll versions
MicrochipAtsama5d28c-Cu FirmwareAll versions
MicrochipAtsama5d28c-Cur FirmwareAll versions
MicrochipAtsama5d27c-Cnvao FirmwareAll versions
MicrochipAtsama5d27c-Cnrvao FirmwareAll versions
MicrochipAtsama5d225c-D1m-Cur FirmwareAll versions
MicrochipAtsama5d27c-D5m-Cu FirmwareAll versions
MicrochipAtsama5d27c-D5m-Cur FirmwareAll versions
MicrochipAtsama5d27c-D1g-Cu FirmwareAll versions
MicrochipAtsama5d27c-D1g-Cur FirmwareAll versions
MicrochipAtsama5d28c-D1g-Cu FirmwareAll versions
MicrochipAtsama5d28c-D1g-Cur FirmwareAll versions
MicrochipAtsama5d27c-Ld1g-Cu FirmwareAll versions
MicrochipAtsama5d27c-Ld1g-Cur FirmwareAll versions
MicrochipAtsama5d27c-Ld2g-Cu FirmwareAll versions
MicrochipAtsama5d27c-Ld2g-Cur FirmwareAll versions
MicrochipAtsama5d28c-Ld1g-Cu FirmwareAll versions
MicrochipAtsama5d28c-Ld1g-Cur FirmwareAll versions
MicrochipAtsama5d28c-Ld2g-Cu FirmwareAll versions
MicrochipAtsama5d28c-Ld2g-Cur FirmwareAll versions
MicrochipAtsama5d27-Wlsom1 FirmwareAll versions
MicrochipAtsama5d27-Som1 FirmwareAll versions
MicrochipAtsama5d31a-Cu FirmwareAll versions
MicrochipAtsama5d31a-Cur FirmwareAll versions
MicrochipAtsama5d31a-Cfu FirmwareAll versions
MicrochipAtsama5d31a-Cfur FirmwareAll versions
MicrochipAtsama5d33a-Cu FirmwareAll versions
MicrochipAtsama5d33a-Cur FirmwareAll versions

Showing 50 of 76 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2020-12788?
CMAC verification functionality in Microchip Atmel ATSAMA5 products is vulnerable to vulnerable to timing and power analysis attacks.
How severe is CVE-2020-12788?
CVE-2020-12788 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 1.34% probability of exploitation in the next 30 days.
How do I fix CVE-2020-12788?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-12788?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST