Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive equipment) in which an electromagnetic side channel is present because of a non-constant-time modular inversion for the Extended Euclidean Algorithm, aka the EUCLEAK issue. Other uses of an Infineon cryptographic library may also be affected.

Metrics

No CVSS v4.0

Attack Vector Physical

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Vendors Products
Yubico
  • Security Key C Nfc By Yubico
  • Security Key C Nfc By Yubico Firmware
  • Security Key Nfc By Yubico
  • Security Key Nfc By Yubico Firmware
  • Yubihsm 2
  • Yubihsm 2 Fips
  • Yubihsm 2 Fips Firmware
  • Yubihsm 2 Firmware
  • Yubikey 5 Nano
  • Yubikey 5 Nano Fips
  • Yubikey 5 Nano Fips Firmware
  • Yubikey 5 Nano Firmware
  • Yubikey 5 Nfc
  • Yubikey 5 Nfc Fips
  • Yubikey 5 Nfc Fips Firmware
  • Yubikey 5 Nfc Firmware
  • Yubikey 5c
  • Yubikey 5c Fips
  • Yubikey 5c Fips Firmware
  • Yubikey 5c Firmware
  • Yubikey 5c Nano
  • Yubikey 5c Nano Fips
  • Yubikey 5c Nano Fips Firmware
  • Yubikey 5c Nano Firmware
  • Yubikey 5c Nfc
  • Yubikey 5c Nfc Fips
  • Yubikey 5c Nfc Fips Firmware
  • Yubikey 5c Nfc Firmware
  • Yubikey 5ci
  • Yubikey 5ci Fips
  • Yubikey 5ci Fips Firmware
  • Yubikey 5ci Firmware
  • Yubikey Bio
  • Yubikey Bio Firmware
  • Yubikey C Bio
  • Yubikey C Bio Firmware

Configuration 1 [-]

AND
cpe:2.3:o:yubico:yubikey_5c_nfc_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5c_nfc:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:yubico:yubikey_5_nfc_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5_nfc:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:yubico:yubikey_5c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5c:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:yubico:yubikey_5_nano_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5_nano:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:yubico:yubikey_5c_nano_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5c_nano:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:yubico:yubikey_5ci_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5ci:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:yubico:yubikey_5_nfc_fips_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5_nfc_fips:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:yubico:yubikey_5c_nfc_fips_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5c_nfc_fips:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:yubico:yubikey_5c_fips_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5c_fips:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND
cpe:2.3:o:yubico:yubikey_5_nano_fips_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5_nano_fips:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND
cpe:2.3:o:yubico:yubikey_5c_nano_fips_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5c_nano_fips:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND
cpe:2.3:o:yubico:yubikey_5ci_fips_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5ci_fips:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND
cpe:2.3:o:yubico:yubikey_c_bio_firmware:*:*:*:*:fido:*:*:*
cpe:2.3:h:yubico:yubikey_c_bio:-:*:*:*:fido:*:*:*

Configuration 14 [-]

AND
cpe:2.3:o:yubico:yubikey_bio_firmware:*:*:*:*:fido:*:*:*
cpe:2.3:h:yubico:yubikey_bio:-:*:*:*:fido:*:*:*

Configuration 15 [-]

AND
cpe:2.3:o:yubico:security_key_nfc_by_yubico_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:security_key_nfc_by_yubico:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND
cpe:2.3:o:yubico:security_key_c_nfc_by_yubico_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:security_key_c_nfc_by_yubico:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND
cpe:2.3:o:yubico:yubihsm_2_fips_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubihsm_2_fips:2.2:*:*:*:*:*:*:*

Configuration 18 [-]

AND
cpe:2.3:o:yubico:yubihsm_2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubihsm_2:2.3.2:*:*:*:*:*:*:*

No data.

References
Link Providers
https://arstechnica.com/security/2024/09/yubikeys-are-vulnerable-to-cloning-attacks-thanks-to-newly-discovered-side-channel/ cve-icon cve-icon
https://news.ycombinator.com/item?id=41434500 cve-icon cve-icon
https://ninjalab.io/eucleak/ cve-icon cve-icon
https://ninjalab.io/wp-content/uploads/2024/09/20240903_eucleak.pdf cve-icon cve-icon
https://support.yubico.com/hc/en-us/articles/15705749884444 cve-icon cve-icon
https://www.yubico.com/support/security-advisories/ysa-2024-03/ cve-icon cve-icon
History

Thu, 12 Sep 2024 20:30:00 +0000

Type Values Removed Values Added
First Time appeared Yubico
Yubico security Key C Nfc By Yubico
Yubico security Key C Nfc By Yubico Firmware
Yubico security Key Nfc By Yubico
Yubico security Key Nfc By Yubico Firmware
Yubico yubihsm 2
Yubico yubihsm 2 Fips
Yubico yubihsm 2 Fips Firmware
Yubico yubihsm 2 Firmware
Yubico yubikey 5 Nano
Yubico yubikey 5 Nano Fips
Yubico yubikey 5 Nano Fips Firmware
Yubico yubikey 5 Nano Firmware
Yubico yubikey 5 Nfc
Yubico yubikey 5 Nfc Fips
Yubico yubikey 5 Nfc Fips Firmware
Yubico yubikey 5 Nfc Firmware
Yubico yubikey 5c
Yubico yubikey 5c Fips
Yubico yubikey 5c Fips Firmware
Yubico yubikey 5c Firmware
Yubico yubikey 5c Nano
Yubico yubikey 5c Nano Fips
Yubico yubikey 5c Nano Fips Firmware
Yubico yubikey 5c Nano Firmware
Yubico yubikey 5c Nfc
Yubico yubikey 5c Nfc Fips
Yubico yubikey 5c Nfc Fips Firmware
Yubico yubikey 5c Nfc Firmware
Yubico yubikey 5ci
Yubico yubikey 5ci Fips
Yubico yubikey 5ci Fips Firmware
Yubico yubikey 5ci Firmware
Yubico yubikey Bio
Yubico yubikey Bio Firmware
Yubico yubikey C Bio
Yubico yubikey C Bio Firmware
Weaknesses CWE-203
CPEs cpe:2.3:h:yubico:security_key_c_nfc_by_yubico:-:*:*:*:*:*:*:*
cpe:2.3:h:yubico:security_key_nfc_by_yubico:-:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubihsm_2:2.3.2:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubihsm_2_fips:2.2:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5_nano:-:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5_nano_fips:-:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5_nfc:-:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5_nfc_fips:-:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5c:-:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5c_fips:-:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5c_nano:-:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5c_nano_fips:-:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5c_nfc:-:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5c_nfc_fips:-:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5ci:-:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_5ci_fips:-:*:*:*:*:*:*:*
cpe:2.3:h:yubico:yubikey_bio:-:*:*:*:fido:*:*:*
cpe:2.3:h:yubico:yubikey_c_bio:-:*:*:*:fido:*:*:*
cpe:2.3:o:yubico:security_key_c_nfc_by_yubico_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:security_key_nfc_by_yubico_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubihsm_2_fips_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubihsm_2_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubikey_5_nano_fips_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubikey_5_nano_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubikey_5_nfc_fips_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubikey_5_nfc_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubikey_5c_fips_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubikey_5c_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubikey_5c_nano_fips_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubikey_5c_nano_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubikey_5c_nfc_fips_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubikey_5c_nfc_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubikey_5ci_fips_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubikey_5ci_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:yubico:yubikey_bio_firmware:*:*:*:*:fido:*:*:*
cpe:2.3:o:yubico:yubikey_c_bio_firmware:*:*:*:*:fido:*:*:*
Vendors & Products Yubico
Yubico security Key C Nfc By Yubico
Yubico security Key C Nfc By Yubico Firmware
Yubico security Key Nfc By Yubico
Yubico security Key Nfc By Yubico Firmware
Yubico yubihsm 2
Yubico yubihsm 2 Fips
Yubico yubihsm 2 Fips Firmware
Yubico yubihsm 2 Firmware
Yubico yubikey 5 Nano
Yubico yubikey 5 Nano Fips
Yubico yubikey 5 Nano Fips Firmware
Yubico yubikey 5 Nano Firmware
Yubico yubikey 5 Nfc
Yubico yubikey 5 Nfc Fips
Yubico yubikey 5 Nfc Fips Firmware
Yubico yubikey 5 Nfc Firmware
Yubico yubikey 5c
Yubico yubikey 5c Fips
Yubico yubikey 5c Fips Firmware
Yubico yubikey 5c Firmware
Yubico yubikey 5c Nano
Yubico yubikey 5c Nano Fips
Yubico yubikey 5c Nano Fips Firmware
Yubico yubikey 5c Nano Firmware
Yubico yubikey 5c Nfc
Yubico yubikey 5c Nfc Fips
Yubico yubikey 5c Nfc Fips Firmware
Yubico yubikey 5c Nfc Firmware
Yubico yubikey 5ci
Yubico yubikey 5ci Fips
Yubico yubikey 5ci Fips Firmware
Yubico yubikey 5ci Firmware
Yubico yubikey Bio
Yubico yubikey Bio Firmware
Yubico yubikey C Bio
Yubico yubikey C Bio Firmware
Metrics cvssV3_1

{'score': 4.2, 'vector': 'CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N'}

Tue, 03 Sep 2024 20:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 03 Sep 2024 19:45:00 +0000

Type Values Removed Values Added
Description Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive equipment) in which an electromagnetic side channel is present because of a non-constant-time modular inversion for the Extended Euclidean Algorithm, aka the EUCLEAK issue. Other uses of an Infineon cryptographic library may also be affected.
References
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-03-17T17:51:54.621Z

Reserved: 2024-09-03T00:00:00.000Z

Link: CVE-2024-45678

cve-icon Vulnrichment

Updated: 2024-09-03T20:05:16.815Z

cve-icon NVD

Status : Modified

Published: 2024-09-03T20:15:08.860

Modified: 2025-03-17T18:15:18.033

Link: CVE-2024-45678

cve-icon Redhat

No data.