MitreCVE-2022-48251CVE-2022-48251
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
49.2%
The AES instructions on the ARMv8 platform do not have an algorithm that is “intrinsically resistant” to side-channel attacks. NOTE: the vendor reportedly offers the position “while power side channel attacks … are possible, they are not directly caused by or related to the Arm architecture.”
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| arm | cortex-a53_firmware | - | cpe:2.3:o:arm:cortex-a53_firmware:-:*:*:*:*:*:*:* |
| arm | cortex-a53 | - | cpe:2.3:h:arm:cortex-a53:-:*:*:*:*:*:*:* |
| arm | cortex-a55_firmware | - | cpe:2.3:o:arm:cortex-a55_firmware:-:*:*:*:*:*:*:* |
| arm | cortex-a55 | - | cpe:2.3:h:arm:cortex-a55:-:*:*:*:*:*:*:* |
| arm | cortex-a57_firmware | - | cpe:2.3:o:arm:cortex-a57_firmware:-:*:*:*:*:*:*:* |
| arm | cortex-a57 | - | cpe:2.3:h:arm:cortex-a57:-:*:*:*:*:*:*:* |
| arm | cortex-a72_firmware | - | cpe:2.3:o:arm:cortex-a72_firmware:-:*:*:*:*:*:*:* |
| arm | cortex-a72 | - | cpe:2.3:h:arm:cortex-a72:-:*:*:*:*:*:*:* |
| arm | cortex-a73_firmware | - | cpe:2.3:o:arm:cortex-a73_firmware:-:*:*:*:*:*:*:* |
| arm | cortex-a73 | - | cpe:2.3:h:arm:cortex-a73:-:*:*:*:*:*:*:* |
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
49.2%