In wolfSSL up to and including 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) malicious users to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wolfssl wolfssl |