Search criteria
14 vulnerabilities found for Standard by IEEE
CVE-2017-13094 (GCVE-0-2017-13094)
Vulnerability from cvelistv5 – Published: 2018-07-13 20:00 – Updated: 2024-08-05 18:58
VLAI?
Title
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of the encryption key and insertion of hardware trojans in any IP
Summary
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of the encryption key and insertion of hardware trojans in any IP",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13094",
"STATE": "PUBLIC",
"TITLE": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of the encryption key and insertion of hardware trojans in any IP"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Standard",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "P1735",
"version_value": "P1735"
}
]
}
}
]
},
"vendor_name": "IEEE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/739007"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13094",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13092 (GCVE-0-2017-13092)
Vulnerability from cvelistv5 – Published: 2018-07-13 20:00 – Updated: 2024-08-05 18:58
VLAI?
Title
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle
Summary
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13092",
"STATE": "PUBLIC",
"TITLE": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Standard",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "P1735",
"version_value": "P1735"
}
]
}
}
]
},
"vendor_name": "IEEE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/739007"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13092",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13095 (GCVE-0-2017-13095)
Vulnerability from cvelistv5 – Published: 2018-07-13 20:00 – Updated: 2024-08-05 18:58
VLAI?
Title
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of a license-deny response to a license grant
Summary
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of a license-deny response to a license grant",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13095",
"STATE": "PUBLIC",
"TITLE": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of a license-deny response to a license grant"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Standard",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "P1735",
"version_value": "P1735"
}
]
}
}
]
},
"vendor_name": "IEEE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/739007"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13095",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13093 (GCVE-0-2017-13093)
Vulnerability from cvelistv5 – Published: 2018-07-13 20:00 – Updated: 2024-08-05 18:58
VLAI?
Title
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of encrypted IP cyphertext to insert hardware trojans
Summary
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of encrypted IP cyphertext to insert hardware trojans",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13093",
"STATE": "PUBLIC",
"TITLE": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of encrypted IP cyphertext to insert hardware trojans"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Standard",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "P1735",
"version_value": "P1735"
}
]
}
}
]
},
"vendor_name": "IEEE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/739007"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13093",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13097 (GCVE-0-2017-13097)
Vulnerability from cvelistv5 – Published: 2018-07-13 20:00 – Updated: 2024-08-05 18:58
VLAI?
Title
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax license requirement
Summary
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax license requirement",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13097",
"STATE": "PUBLIC",
"TITLE": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax license requirement"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Standard",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "P1735",
"version_value": "P1735"
}
]
}
}
]
},
"vendor_name": "IEEE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/739007"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13097",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13096 (GCVE-0-2017-13096)
Vulnerability from cvelistv5 – Published: 2018-07-13 20:00 – Updated: 2024-08-05 18:58
VLAI?
Title
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax access control
Summary
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax access control",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13096",
"STATE": "PUBLIC",
"TITLE": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax access control"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Standard",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "P1735",
"version_value": "P1735"
}
]
}
}
]
},
"vendor_name": "IEEE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/739007"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13096",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13091 (GCVE-0-2017-13091)
Vulnerability from cvelistv5 – Published: 2018-07-13 20:00 – Updated: 2024-08-05 18:58
VLAI?
Title
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle
Summary
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.350Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13091",
"STATE": "PUBLIC",
"TITLE": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Standard",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "P1735",
"version_value": "P1735"
}
]
}
}
]
},
"vendor_name": "IEEE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/739007"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13091",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13094 (GCVE-0-2017-13094)
Vulnerability from nvd – Published: 2018-07-13 20:00 – Updated: 2024-08-05 18:58
VLAI?
Title
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of the encryption key and insertion of hardware trojans in any IP
Summary
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of the encryption key and insertion of hardware trojans in any IP",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13094",
"STATE": "PUBLIC",
"TITLE": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of the encryption key and insertion of hardware trojans in any IP"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Standard",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "P1735",
"version_value": "P1735"
}
]
}
}
]
},
"vendor_name": "IEEE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of the encryption key and insertion of hardware trojans in any IP. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/739007"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13094",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13092 (GCVE-0-2017-13092)
Vulnerability from nvd – Published: 2018-07-13 20:00 – Updated: 2024-08-05 18:58
VLAI?
Title
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle
Summary
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.398Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13092",
"STATE": "PUBLIC",
"TITLE": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Standard",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "P1735",
"version_value": "P1735"
}
]
}
}
]
},
"vendor_name": "IEEE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/739007"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13092",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.398Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13095 (GCVE-0-2017-13095)
Vulnerability from nvd – Published: 2018-07-13 20:00 – Updated: 2024-08-05 18:58
VLAI?
Title
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of a license-deny response to a license grant
Summary
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.316Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of a license-deny response to a license grant",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13095",
"STATE": "PUBLIC",
"TITLE": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of a license-deny response to a license grant"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Standard",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "P1735",
"version_value": "P1735"
}
]
}
}
]
},
"vendor_name": "IEEE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of a license-deny response to a license grant. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/739007"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13095",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.316Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13093 (GCVE-0-2017-13093)
Vulnerability from nvd – Published: 2018-07-13 20:00 – Updated: 2024-08-05 18:58
VLAI?
Title
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of encrypted IP cyphertext to insert hardware trojans
Summary
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of encrypted IP cyphertext to insert hardware trojans",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13093",
"STATE": "PUBLIC",
"TITLE": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of encrypted IP cyphertext to insert hardware trojans"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Standard",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "P1735",
"version_value": "P1735"
}
]
}
}
]
},
"vendor_name": "IEEE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/739007"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13093",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.372Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13097 (GCVE-0-2017-13097)
Vulnerability from nvd – Published: 2018-07-13 20:00 – Updated: 2024-08-05 18:58
VLAI?
Title
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax license requirement
Summary
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.321Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax license requirement",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13097",
"STATE": "PUBLIC",
"TITLE": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax license requirement"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Standard",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "P1735",
"version_value": "P1735"
}
]
}
}
]
},
"vendor_name": "IEEE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax license requirement. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/739007"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13097",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13096 (GCVE-0-2017-13096)
Vulnerability from nvd – Published: 2018-07-13 20:00 – Updated: 2024-08-05 18:58
VLAI?
Title
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax access control
Summary
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax access control",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13096",
"STATE": "PUBLIC",
"TITLE": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax access control"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Standard",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "P1735",
"version_value": "P1735"
}
]
}
}
]
},
"vendor_name": "IEEE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of Rights Block to remove or relax access control. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/739007"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13096",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-13091 (GCVE-0-2017-13091)
Vulnerability from nvd – Published: 2018-07-13 20:00 – Updated: 2024-08-05 18:58
VLAI?
Title
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle
Summary
The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.350Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Standard",
"vendor": "IEEE",
"versions": [
{
"status": "affected",
"version": "P1735"
}
]
}
],
"datePublic": "2017-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-310",
"description": "CWE-310",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-14T09:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "101699",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "https://www.kb.cert.org/vuls/id/739007"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2017-13091",
"STATE": "PUBLIC",
"TITLE": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Standard",
"version": {
"version_data": [
{
"affected": "=",
"version_affected": "=",
"version_name": "P1735",
"version_value": "P1735"
}
]
}
}
]
},
"vendor_name": "IEEE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101699",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101699"
},
{
"name": "VU#739007",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/739007"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2017-13091",
"datePublished": "2018-07-13T20:00:00",
"dateReserved": "2017-08-22T00:00:00",
"dateUpdated": "2024-08-05T18:58:12.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}