{"id": "CVE-2022-48251", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2023-01-10T07:15:09.647", "references": [{"url": "https://eprint.iacr.org/2022/230", "tags": ["Technical Description", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://eshard.com/posts/sca-attacks-on-armv8", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-203"}]}], "descriptions": [{"lang": "en", "value": "The AES instructions on the ARMv8 platform do not have an algorithm that is \"intrinsically resistant\" to side-channel attacks. NOTE: the vendor reportedly offers the position \"while power side channel attacks ... are possible, they are not directly caused by or related to the Arm architecture.\""}], "lastModified": "2024-08-03T15:15:56.593", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a53_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35B01CAB-2DD1-47D5-A331-B6C7A658C5D5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a53:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9FF65826-F828-421F-8009-5AA5D25387E6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a55_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B9A6B1E-AF50-4B96-96E7-295EBECED8BC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a55:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "383CB40D-A1A7-4108-BB28-4A598EB217BD"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a57_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68D895EC-B0A9-4292-AC64-60673F72C765"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a57:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B00CD88D-5649-403F-A55A-BD49427D30FA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a72_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38768B2B-F1A3-4A76-8716-9520CA075F3D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a72:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "16E23102-964E-485D-8EFF-4B1BBFE6EDE4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a73_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7173A6DC-4D4E-424C-A922-C16D67627834"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a73:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "33B1374D-59E8-4FE5-AC6C-0323AB1DD60D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a75_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A891447-2F1D-48B4-AA47-3CB7EA4FDC7C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a75:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7C1DF922-1F46-41A6-A367-E56DD8C4163D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a76_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08CC4E5E-2794-4893-9B45-E14A3F4CF159"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a76:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9E4FCA77-71D3-495E-BA2A-2953369E5DCC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a76ae_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6022C19-3C39-439E-AE6E-2319D831CF99"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a76ae:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9B08A239-BFC8-41EA-8A48-69F8DD7FC221"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a77_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "155A0C39-4D0A-4264-B392-46002908939C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a77:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "514DE9F5-D826-42AA-B4CF-3EB09F4D3D5D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:arm:cortex-a78_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96AB8C81-F441-4563-B5E0-B738DF4D1C50"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:arm:cortex-a78:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DDA3C472-D1E9-47B3-AFD0-BD274E3291F9"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}
