Vulnerability in Arm Mbed TLS Affects RSA and Diffie-Hellman Key Generation
CVE-2020-36424
CVSS 4.7 (MEDIUM)
What is CVE-2020-36424?
Arm Mbed TLS versions before 2.24.0 are vulnerable to a side-channel attack during the generation of the base blinding and unblinding values used to protect RSA private-key operations and static Diffie-Hellman shared-secret computation. An attacker who can observe that side channel can recover the RSA private key or the static Diffie-Hellman private exponent. Users running a version prior to 2.24.0 should update to 2.24.0 or later. The vulnerability shows that blinding defends against side channels only if the blinding values themselves are produced without leaking them: once the random factor is known, the blinding can be stripped and the private exponentiation attacked directly.
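The following Python is an added illustration, not code from this page or from Mbed TLS, of what "base blinding/unblinding values" are in a Kocher-style scheme: a secret random r is used to derive a value that multiplies the base before the private exponentiation and a second value that removes r afterwards, so the secret exponent is never applied to attacker-chosen input. The parameters (primes, exponents, sample inputs) are constructed and far too small for real use, the function names are hypothetical, and the DH variant is one common form of base blinding rather than a claim about how Mbed TLS implements it. The comments mark the step the advisory concerns: the derivation of the two values from r, which must not leak r.

```python
"""Base blinding for RSA and static Diffie-Hellman (Kocher-style), illustrative only.

Constructed tiny parameters, no padding, no constant-time arithmetic. Not Mbed TLS code.
"""
import math
import secrets

# Constructed RSA key: two small primes, far too small for real use.
P, Q = 999983, 1000003
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+ modular inverse)

# Constructed static Diffie-Hellman parameters: prime modulus and our long-term secret.
DH_P = 1000003
DH_X = 123457


def random_unit(n):
    """Secret random r in [2, n-1] with gcd(r, n) == 1, so r^-1 mod n exists."""
    while True:
        r = secrets.randbelow(n - 2) + 2
        if math.gcd(r, n) == 1:
            return r


def rsa_blinding_pair(n, e):
    """Return (Vi, Vf) for RSA: Vi = r^e mod n blinds the base, Vf = r^-1 mod n unblinds.

    Both values derive from the secret r. This derivation (inversion and
    exponentiation) is the step CVE-2020-36424 concerns: if it leaks r through a
    side channel, an observer can strip the blinding from the protected operation.
    """
    r = random_unit(n)
    return pow(r, e, n), pow(r, -1, n)


def rsa_private_blinded(c, n, e, d):
    """Compute c^d mod n without applying d to the caller's c directly."""
    vi, vf = rsa_blinding_pair(n, e)
    blinded = (c * vi) % n              # c * r^e
    m_blinded = pow(blinded, d, n)      # (c * r^e)^d = c^d * r, since r^(e*d) = r mod n
    return (m_blinded * vf) % n         # multiply by r^-1 to remove r


def dh_blinding_pair(p, x):
    """Return (Vi, Vf) for static DH: Vi = r blinds the peer's value, Vf = r^-x unblinds."""
    r = random_unit(p)
    return r, pow(pow(r, -1, p), x, p)  # again, r must not leak while computing this


def dh_shared_blinded(gy, p, x):
    """Compute the shared secret gy^x mod p on a blinded base."""
    vi, vf = dh_blinding_pair(p, x)
    blinded = (gy * vi) % p             # gy * r
    k_blinded = pow(blinded, x, p)      # gy^x * r^x
    return (k_blinded * vf) % p         # cancel r^x


if __name__ == "__main__":
    c = 987654321                       # constructed sample ciphertext, already < N
    assert rsa_private_blinded(c, N, E, D) == pow(c, D, N)
    gy = 5                              # constructed sample peer public value
    assert dh_shared_blinded(gy, DH_P, DH_X) == pow(gy, DH_X, DH_P)
    print("blinded results match the unblinded computation")
```

The blinded and unblinded results agree, which is the whole point: blinding changes what the exponentiation sees, not what the caller gets back. The protection is only as good as the secrecy of r, so in a real implementation `random_unit`, the modular inversion and the exponentiation that produce Vi and Vf all need the same side-channel hardening as the private operation they protect.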