How severe is CVE-2017-13092?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2017-13092?

This is classified as CWE-310, which is a common weakness in software security.

CVE-2017-13092 - HIGH Severity | CVSS 7.8

Vulnerability Description

The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.

Related Vulnerabilities

CVE-2015-9003

HIGH

CVSS:7.8(High)

In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel.

CWE-3102015

CVE-2016-10136

HIGH

CVSS:7.8(High)

An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The content provider named com.adups.fota.sysoper.provider.InfoProvider in the app with a package name of com.adups.fota.syso...

CWE-3102016

CVE-2016-10137

HIGH

CVSS:7.8(High)

CWE-3102016

CVE-2016-10138

HIGH

CVSS:7.8(High)

An issue was discovered on BLU Advance 5.0 and BLU R1 HD devices with Shanghai Adups software. The com.adups.fota.sysoper app is installed as a system app and cannot be disabled by the user. In the co...

CWE-3102016

CVE-2016-10139

HIGH

CVSS:7.8(High)

An issue was discovered on BLU R1 HD devices with Shanghai Adups software. The two package names involved in the exfiltration are com.adups.fota and com.adups.fota.sysoper. In the com.adups.fota.sysop...

CWE-3102016

CVE-2017-13091

HIGH

CVSS:7.8(High)

CWE-3102017