Описание
The Rambus SafeZone Basic Crypto Module, as used in certain Fujifilm (formerly Fuji Xerox) devices before 2022-03-01 and potentially many other devices, generates RSA keys that can be broken with Fermat's factorization method. This allows efficient calculation of private RSA keys from the public key of a TLS certificate.
The Rambus SafeZone Basic Crypto Module, as used in certain Fujifilm (formerly Fuji Xerox) devices before 2022-03-01 and potentially many other devices, generates RSA keys that can be broken with Fermat's factorization method. This allows efficient calculation of private RSA keys from the public key of a TLS certificate.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2022-26320
- https://fermatattack.secvuln.info
- https://global.canon/en/support/security/index.html
- https://safezoneswupdate.com
- https://web.archive.org/web/20220922042721/https://safezoneswupdate.com
- https://www.fujifilm.com/fbglobal/eng/company/news/notice/2022/0302_rsakey_announce.html
- https://www.rambus.com/security/response-center/advisories/rmbs-2021-01
Связанные уязвимости
The Rambus SafeZone Basic Crypto Module before 10.4.0, as used in certain Fujifilm (formerly Fuji Xerox) devices before 2022-03-01, Canon imagePROGRAF and imageRUNNER devices through 2022-03-14, and potentially many other devices, generates RSA keys that can be broken with Fermat's factorization method. This allows efficient calculation of private RSA keys from the public key of a TLS certificate.
Уязвимость функции CLS_PK_KeyGenMT() базового криптомодуля Rambus SafeZone, позволяющая нарушителю вычислять закрытые ключи RSA из открытого ключа сертификата TLS