SA-004: Side-channel attack can lead to extraction of an ECDH key

Vulnerability Type: Improper Protection of Physical Side Channels

Affected Product(s): NPCT7xx with any Firmware revision prior to 7.2.4.0

Fixed Product(s): Firmware Version: 7.2.4.0 and above. For details on firmware updates, please contact the system OEM.

Attack Type: Physical

Impact: Information Disclosure

Affected Components: Elliptic Curve Diffie-Hellman Keys

Attack Vector: Side Channel Attack

Severity: Low

Detailed Description: A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman (ECDH) key

Discoverer(s)/Credits: Robin Muller, Roman Korkikian - uSec

CVE Identifier: CVE-2026-6923

视频中心

技术支持

技术论坛

培训中心

Security

合作伙伴创意中心