CWE-1255
Comparison Logic is Vulnerable to Power Side-Channel Attacks
VariantDraft
Description
A device's real time power consumption may be monitored during security token evaluation and the information gleaned may be used to determine the value of the reference token.
Hierarchy (View 1000)
Parents
Children
none
Related attack patterns (CAPEC)
CAPEC-189
CVEs mapped to this weakness (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-39920 | Med | 0.28 | 4.3 | 0.00 | Jul 3, 2024 | The TCP protocol in RFC 9293 has a timing side channel that makes it easier for remote attackers to infer the content of one TCP connection from a client system (to any server), when that client system is concurrently obtaining TCP data at a slow rate from an attacker-controlled server, aka the "SnailLoad" issue. For example, the attack can begin by measuring RTTs via the TCP segments whose role is to provide an ACK control bit and an Acknowledgment Number. | |
| CVE-2025-3301 | Low | 0.07 | — | 0.00 | Apr 29, 2025 | DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 on all Series 2 modules and SoCs due to a lack of hardware and software support. A successful DPA attack may result in exposure of confidential information. The best practice is to use the impacted crypto curves and operations with ephemeral keys to reduce the number of DPA traces that can be collected. |