1. Home
  2. CVE Database
  3. CVE-2020-12788
HIGH · 7.5

CVE-2020-12788

CMAC verification functionality in Microchip Atmel ATSAMA5 products is vulnerable to vulnerable to timing and power analysis attacks.

Vulnerability Description

CMAC verification functionality in Microchip Atmel ATSAMA5 products is vulnerable to vulnerable to timing and power analysis attacks.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
MicrochipAtsama5D21C-Cu Firmware-
MicrochipAtsama5D21C-Cu-
MicrochipAtsama5D21C-Cur Firmware-
MicrochipAtsama5D21C-Cur-
MicrochipAtsama5D22C-Cn Firmware-
MicrochipAtsama5D22C-Cn-
MicrochipAtsama5D22C-Cnr Firmware-
MicrochipAtsama5D22C-Cnr-
MicrochipAtsama5D22C-Cu Firmware-
MicrochipAtsama5D22C-Cu-
MicrochipAtsama5D22C-Cur Firmware-
MicrochipAtsama5D22C-Cur-
MicrochipAtsama5D23C-Cn Firmware-
MicrochipAtsama5D23C-Cn-
MicrochipAtsama5D23C-Cnr Firmware-
MicrochipAtsama5D23C-Cnr-
MicrochipAtsama5D23C-Cu Firmware-
MicrochipAtsama5D23C-Cu-
MicrochipAtsama5D23C-Cur Firmware-
MicrochipAtsama5D23C-Cur-

Related Weaknesses (CWE)

CWE-203

References

FAQ

What is CVE-2020-12788?

CVE-2020-12788 is a vulnerability with a CVSS score of 7.5 (HIGH). CMAC verification functionality in Microchip Atmel ATSAMA5 products is vulnerable to vulnerable to timing and power analysis attacks.

How severe is CVE-2020-12788?

CVE-2020-12788 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2020-12788?

Check the references section above for vendor advisories and patch information. Affected products include: Microchip Atsama5D21C-Cu Firmware, Microchip Atsama5D21C-Cu, Microchip Atsama5D21C-Cur Firmware, Microchip Atsama5D21C-Cur, Microchip Atsama5D22C-Cn Firmware.