CVE-2021-3011

MEDIUM
Published Jan 7, 2021 5y ago · Modified Jun 17, 2026 2w ago
4.2 CVSS 3.1

Description

An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access (and consequently produce a clone). This was demonstrated on the Google Titan Security Key, based on an NXP A7005a chip. Other FIDO U2F security keys are also impacted (Yubico YubiKey Neo and Feitian K9, K13, K21, and K40) as well as several NXP JavaCard smartcards (J3A081, J2A081, J3A041, J3D145_M59, J2D145_M59, J3D120_M60, J3D082_M60, J2D120_M60, J2D082_M60, J3D081_M59, J2D081_M59, J3D081_M61, J2D081_M61, J3D081_M59_DF, J3D081_M61_DF, J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66, J3E016_M64, J3E041_M64, J3E145_M64, J3E120_M65, J3E082_M65, J2E145_M64, J2E120_M65, J2E082_M65, J3E081_M64_DF, J3E081_M66_DF, J3E041_M66_DF, J3E016_M66_DF, J3E041_M64_DF, and J3E016_M64_DF).

CVSS Details

Base Score: 4.2
Exploitability: 0.5
Impact: 3.6
Vector string: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector: Physical
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-670

Affected Products 45

Vendor   Product              Version   Range
ftsafe   k13                  *         any
ftsafe   k21                  *         any
ftsafe   k40                  *         any
ftsafe   k9                   *         any
google   titan_security_key   *         any
nxp      3a081                *         any
nxp      a7005a               *         any
nxp      j2a081               *         any
nxp      j2d081_m59           *         any
nxp      j2d081_m61           *         any
nxp      j2d082_m60           *         any
nxp      j2d120_m60           *         any
nxp      j2d145_m59           *         any
nxp      j2e081_m64           *         any
nxp      j2e082_m65           *         any
nxp      j2e120_m65           *         any
nxp      j2e145_m64           *         any
nxp      j3a041               *         any
nxp      j3d081_m59           *         any
nxp      j3d081_m59_df        *         any
nxp      j3d081_m61           *         any
nxp      j3d081_m61_df        *         any
nxp      j3d082_m60           *         any
nxp      j3d120_m60           *         any
nxp      j3d145_m59           *         any
nxp      j3e016_m64           *         any
nxp      j3e016_m64_df        *         any
nxp      j3e016_m66           *         any
nxp      j3e016_m66_df        *         any
nxp      j3e041_m64           *         any
nxp      j3e041_m64_df        *         any
nxp      j3e041_m66           *         any
nxp      j3e041_m66_df        *         any
nxp      j3e081_m64           *         any
nxp      j3e081_m64_df        *         any
nxp      j3e081_m66           *         any
nxp      j3e081_m66_df        *         any
nxp      j3e082_m65           *         any
nxp      j3e120_m65           *         any
nxp      j3e145_m64           *         any
nxp      p5010                *         any
nxp      p5020                *         any
nxp      p5021                *         any
nxp      p5040                *         any
yubico   yubikey_neo          *         any

References 2

  • ninjalab.io https://ninjalab.io/a-side-journey-to-titan/
    Third Party Advisory
  • ninjalab.io https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf
    Exploit, Technical Description, Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.