Skip to main content

Aarch64Cryptolib

1 CVEs product

Monthly

CVE-2023-26084 LOW PATCH Monitor

The armv8_dec_aes_gcm_full() API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Aarch64Cryptolib
NVD GitHub
CVSS 3.1
3.7
EPSS
0.4%
EPSS 0% CVSS 3.7
LOW PATCH Monitor

The armv8_dec_aes_gcm_full() API of Arm AArch64cryptolib before 86065c6 fails to the verify the authentication tag of AES-GCM protected data, leading to a man-in-the-middle attack. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Aarch64Cryptolib
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy