Yubihsm 2 Fips Firmware
Monthly
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. No vendor patch available.
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. No vendor patch available.