cbcvebase.
CVE-2021-24119
published 2021-07-14

Priority: P4 | 24 | medium | 4.9 (CVSS 3.1)
Vector: AV:N / AC:L / PR:H / UI:N / S:U / C:H / I:N / A:N
EPSS: 1.36% (68.2th percentile)

In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.

Affected

11 ranges
| Vendor | Product | Version range | Fixed in |
| --- | --- | --- | --- |
| arm | mbed_tls | < 2.26.0 | 2.26.0 |
| debian | debian_linux | | |
| debian | debian_linux | | |
| debian | mbedtls | < mbedtls 2.16.11-0.1 (bookworm) | mbedtls 2.16.11-0.1 (bookworm) |
| fedoraproject | fedora | | |
| fedoraproject | fedora | | |
| mbed | mbedtls | >= 0 < 2.16.9-0.1+deb11u1 | 2.16.9-0.1+deb11u1 |
| mbed | mbedtls | >= 0 < 2.16.11-0.1 | 2.16.11-0.1 |
| mbed | mbedtls | >= 0 < 2.16.11-0.1 | 2.16.11-0.1 |
| mbed | mbedtls | >= 0 < 2.16.11-0.1 | 2.16.11-0.1 |
| msrc | azl3_qemu_8.2.0-16_on_azure_linux_3.0 | | |

CVSS provenance

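| Source | Version | Score | Severity | Vector |
| --- | --- | --- | --- | --- |
| nvd | v3.1 | 4.9 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
| nvd | v2.0 | 4.0 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N |
| osv | | 4.9 | MEDIUM | |
| vendor_debian | | 4.9 | MEDIUM | |
| vendor_msrc | | 4.9 | MEDIUM | |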