Filtered by vendor Nordicsemi
Subscribe
Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40480 | 2 Microchip, Nordicsemi | 4 Dt100112, Dt100112 Firmware, Nrf5340-dk and 1 more | 2023-08-08 | N/A | 6.5 MEDIUM |
| Nordic Semiconductor, Microchip Technology NRF5340-DK DT100112 was discovered to contain an issue which allows attackers to cause a Denial of Service (DoS) via a crafted ConReq packet. | |||||
| CVE-2021-29415 | 1 Nordicsemi | 2 Nrf52840, Nrf52840 Firmware | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| The elliptic curve cryptography (ECC) hardware accelerator, part of the ARMĀ® TrustZoneĀ® CryptoCell 310, contained in the NordicSemiconductor nRF52840 through 2021-03-29 has a non-constant time ECDSA implemenation. This allows an adversary to recover the private ECC key used during an ECDSA operation. | |||||
| CVE-2020-27211 | 1 Nordicsemi | 2 Nrf52840, Nrf52840 Firmware | 2022-05-03 | 3.3 LOW | 5.7 MEDIUM |
| Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against physical side channels. The flash read-out protection (APPROTECT) can be bypassed by injecting a fault during the boot phase. | |||||
| CVE-2020-15509 | 1 Nordicsemi | 2 Android Ble Library, Dfu Library | 2021-07-21 | 3.3 LOW | 6.5 MEDIUM |
| Nordic Semiconductor Android BLE Library through 2.2.1 and DFU Library through 1.10.4 for Android (as used by nRF Connect and other applications) can engage in unencrypted communication while showing the user that the communication is purportedly encrypted. The problem is in bond creation (e.g., internalCreateBond in BleManagerHandler). | |||||