CVE-2023-51392

CRITICAL Year: 2023
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-1240
View all →

Vulnerability Description

Ember ZNet between v7.2.0 and v7.4.0 used software AES-CCM instead of integrated hardware cryptographic accelerators, potentially increasing risk of electromagnetic and differential power analysis sidechannel attacks.

Related Vulnerabilities

CVE-2024-0323

CRITICAL
CVSS:9.8(Critical)

The FTP server used on the B&R Automation Runtime supports unsecure encryption mechanisms, such as SSLv3, TLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct man-in-the-midd...

CWE-12402024

CVE-2025-24802

HIGH
CVSS:8.6(High)

Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floor(num_routed_wires / 3) always include the 0 -> 0 input-output pair. ...

CWE-12402025

CVE-2024-0323

CRITICAL
CVSS:9.8(Critical)

The FTP server used on the B&R Automation Runtime supports unsecure encryption mechanisms, such as SSLv3, TLSv1.0 and TLS1.1. An network-based attacker can exploit the flaws to conduct man-in-the-midd...

CWE-12402024

CVE-2025-24802

HIGH
CVSS:8.6(High)

Plonky2 is a SNARK implementation based on techniques from PLONK and FRI. Lookup tables, whose length is not divisible by 26 = floor(num_routed_wires / 3) always include the 0 -> 0 input-output pair. ...

CWE-12402025

CVE-2025-22475

HIGH
CVSS:7.5(High)

Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of a Cryptographic Primitive with a Risky Implementation vulnerability. A remote attacker could potentiall...

CWE-12402025

CVE-2024-37137

MEDIUM
CVSS:5.5(Medium)

Dell Key Trust Platform, v3.0.6 and prior, contains Use of a Cryptographic Primitive with a Risky Implementation vulnerability. A local privileged attacker could potentially exploit this vulnerability...

CWE-12402024