VYPR
Unrated severityNVD Advisory· Published Feb 21, 2024· Updated Sep 27, 2024

Uninitialized TRNG used for ECDSA after EM2/EM3 sleep for VSE devices

CVE-2024-22473

Description

TRNG is used before initialization by ECDSA signing driver when exiting EM2/EM3 on Virtual Secure Vault (VSE) devices. This defect may allow Signature Spoofing by Key Recreation.This issue affects Gecko SDK through v4.4.0.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.