Skip to main content

Yubikey 5 Nfc Firmware

3 CVEs product

Monthly

CVE-2024-45678 MEDIUM This Month

Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Yubikey 5C Nfc Firmware Yubikey 5 Nfc Firmware Yubikey 5C Firmware Yubikey 5 Nano Firmware +14
NVD
CVSS 3.1
4.2
EPSS
0.3%
CVE-2020-15001 MEDIUM POC This Month

An information leak was discovered on Yubico YubiKey 5 NFC devices 5.0.0 to 5.2.6 and 5.3.0 to 5.3.1. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Yubikey 5 Nfc Firmware
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2020-15000 MEDIUM This Month

A PIN management problem was discovered on Yubico YubiKey 5 devices 5.2.0 to 5.2.6. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Yubikey 5 Nfc Firmware
NVD
CVSS 3.1
5.9
EPSS
0.7%
EPSS 0% CVSS 4.2
MEDIUM This Month

Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Yubikey 5C Nfc Firmware Yubikey 5 Nfc Firmware +16
NVD
EPSS 1% CVSS 5.3
MEDIUM POC This Month

An information leak was discovered on Yubico YubiKey 5 NFC devices 5.0.0 to 5.2.6 and 5.3.0 to 5.3.1. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Authentication Bypass Yubikey 5 Nfc Firmware
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

A PIN management problem was discovered on Yubico YubiKey 5 devices 5.2.0 to 5.2.6. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Yubikey 5 Nfc Firmware
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy