Critical severity9.1NVD Advisory· Published Sep 14, 2020· Updated Jun 17, 2026
CVE-2020-11684
CVE-2020-11684
Description
AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory before passing control to a less privileged software component. This can be exploited to disclose these keys and subsequently encrypt and sign the next boot stage (such as the bootloader).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Microchip/AT91bootstrapdescription
- Range: <3.9.2
Patches
Vulnerability mechanics
References
2- github.com/linux4sam/at91bootstrap/commit/45419497309ffbf27c17ea7938499aca99168927nvdPatchThird Party Advisory
- labs.f-secure.com/advisories/microchip-at91bootstrap/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.