Skip to main content

At91Bootstrap

2 CVEs product

Monthly

CVE-2020-11684 CRITICAL POC PATCH Act Now

AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory before passing control to a less privileged software component. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure At91Bootstrap
NVD GitHub
CVSS 3.1
9.1
EPSS
1.1%
CVE-2020-11683 MEDIUM POC PATCH This Month

A timing side channel was discovered in AT91bootstrap before 3.9.2. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE At91Bootstrap
NVD GitHub
CVSS 3.1
6.8
EPSS
0.5%
EPSS 1% CVSS 9.1
CRITICAL POC PATCH Act Now

AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory before passing control to a less privileged software component. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure At91Bootstrap
NVD GitHub
EPSS 1% CVSS 6.8
MEDIUM POC PATCH This Month

A timing side channel was discovered in AT91bootstrap before 3.9.2. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE At91Bootstrap
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy