- Description
- DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 on all Series 2 modules and SoCs due to a lack of hardware and software support. A successful DPA attack may result in exposure of confidential information. The best practice is to use the impacted crypto curves and operations with ephemeral keys to reduce the number of DPA traces that can be collected.
- Source
- product-security@silabs.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 1
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:P/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- LOW
- product-security@silabs.com
- CWE-1255
- Hype score
- Not currently trending
CVE-2025-3301 Differential Power Analysis Vulnerability in Series 2 Curve25519 and Curve448 Cryptographic Modules https://t.co/GqkZKtI1Yl
@VulmonFeeds
29 Apr 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-3301 DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 on all Series 2 modules and SoCs due to a lack of har… https://t.co/zZiXO9glwL
@CVEnew
29 Apr 2025
308 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes