CVE-2020-27208
MEDIUMSoloKeys Solo 4.0.0 & Somu/Nitrokey FIDO2 - Info Disclosure
Title source: llmDescription
The flash read-out protection (RDP) level is not enforced during the device initialization phase of the SoloKeys Solo 4.0.0 & Somu and the Nitrokey FIDO2 token. This allows an adversary to downgrade the RDP level and access secrets such as private ECC keys from SRAM via the debug interface.
References (6)
Core 6
Core References
Exploit, Third Party Advisory x_refsource_misc
https://www.aisec.fraunhofer.de/en/FirmwareProtection.html
Product x_refsource_misc
https://twitter.com/SoloKeysSec
Product x_refsource_misc
https://solokeys.com
Third Party Advisory x_refsource_misc
https://eprint.iacr.org/2021/640
Patch, Third Party Advisory x_refsource_misc
https://github.com/solokeys/solo/commit/a9c02cd354f34b48195a342c7f524abdef5cbcec
Third Party Advisory x_refsource_misc
https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html
Scores
CVSS v3
6.8
EPSS
0.0033
EPSS Percentile
24.3%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-326
Status
published
Products (3)
nitrokey/fido2_firmware
solokeys/solo_firmware
4.0.0
solokeys/somu_firmware
Published
May 21, 2021
Tracked Since
Feb 18, 2026