CVE-2020-11683

Published September 14th, 2020

View on NVD ↗

CVSS v3

6.8

MEDIUM

CVSS v2

4.6

MEDIUM

Affected

PROJECT

Description

A timing side channel was discovered in AT91bootstrap before 3.9.2. It can be exploited by attackers with physical access to forge CMAC values and subsequently boot arbitrary code on an affected system.

linux4sam/at91bootstrap

Second level bootloader for Microchip SoC (aka AT91)

GitHub

122