On NXP MIFARE Ultralight and NTAG cards, an attacker can interrupt a write operation (aka conduct a "tear off" attack) over RFID to bypass a Monotonic Counter protection mechanism. The impact depends on how the anti tear-off feature is used in specific applications such as public transportation, physical access control, etc.
References
Link | Resource |
---|---|
https://blog.quarkslab.com/rfid-monotonic-counter-anti-tearing-defeated.html | Mitigation Third Party Advisory |
https://www.nxp.com/docs/en/application-note/AN11340.pdf | Vendor Advisory |
https://www.nxp.com/docs/en/application-note/AN13089.pdf | Vendor Advisory |
https://www.sstic.org/2021/presentation/eeprom_it_will_all_end_in_tears/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
History
No history.
Information
Published : 2021-06-06 16:15
Updated : 2024-02-28 18:28
NVD link : CVE-2021-33881
Mitre link : CVE-2021-33881
CVE.ORG link : CVE-2021-33881
JSON object : View
Products Affected
nxp
- ntag_215
- mifare_ultralight_ev1_firmware
- mifare_ultralight_ev1
- mifare_ultralight_c
- mifare_ultralight_c_firmware
- mifare_ultralight_nano
- ntag_212_firmware
- ntag_216
- ntag_212
- ntag_215_firmware
- mifare_ultralight_nano_firmware
- ntag_210
- ntag_210_firmware
- ntag_216_firmware
- ntag_213
- ntag_213_firmware
CWE
CWE-863
Incorrect Authorization