Padding oracle attack vulnerability in Oberon microsystem AG’s Oberon PSA Crypto library in all versions since 1.0.0 and prior to 1.5.1 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS#7 decrypt operations.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.oberon.ch/security-advisories/cve-2025-7383/ |
![]() ![]() |
History
Fri, 29 Aug 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 29 Aug 2025 09:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Padding oracle attack vulnerability in Oberon microsystem AG’s Oberon PSA Crypto library in all versions since 1.0.0 and prior to 1.5.1 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS#7 decrypt operations. | |
Title | Timing side-channel vulnerability in AES-CBC decryption with PKCS#7 padding in Oberon PSA Crypto library | |
Weaknesses | CWE-208 CWE-327 |
|
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: NCSC.ch
Published:
Updated: 2025-08-29T13:46:14.471Z
Reserved: 2025-07-09T09:43:45.575Z
Link: CVE-2025-7383

Updated: 2025-08-29T13:46:09.230Z

Status : Awaiting Analysis
Published: 2025-08-29T10:15:32.873
Modified: 2025-08-29T16:24:29.730
Link: CVE-2025-7383

No data.

No data.