CVE-2021-32033 Information

Description

Protectimus SLIM NFC 70 10.01 devices allow a Time Traveler attack in which attackers can predict TOTP passwords in certain situations. The time value used by the device can be set, without authentication, independently of the seed value used for generating time-based one-time passwords. Thus an attacker with brief physical access to a device can set the internal real-time clock (RTC) to a future time, generate one-time passwords, and reset the clock to the current time. This allows the generation of valid future time-based one-time passwords without any further access to the hardware token.
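The description rests on one property of RFC 6238: a TOTP code is a pure function of the seed and the time-step counter, so whoever controls the token's clock can read off the codes for any chosen window. The following is an added example, not code from the advisory or from Protectimus: a minimal RFC 4226/6238 implementation using the RFCs' published test seed ("12345678901234567890"), plus a hypothetical server-side verifier (class name, skew handling and the single-use bookkeeping are assumptions, not a description of any real product) that shows what a verifier can and cannot see. The code read from a clock-shifted token is rejected when presented immediately, is indistinguishable from a genuine code at the intended future time, and only a second presentation for the same step (the legitimate holder's) becomes visible as an anomaly.

```python
import hashlib
import hmac
import struct

# Seed from the RFC 4226 / RFC 6238 test vectors (ASCII "12345678901234567890"), not a real token seed.
RFC_TEST_SEED = b"12345678901234567890"
STEP_SECONDS = 30
DIGITS = 6


def hotp(seed: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(seed, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(seed: bytes, unix_time: int, step: int = STEP_SECONDS, digits: int = DIGITS) -> str:
    """RFC 6238 TOTP: HOTP over the time-step counter floor(unix_time / step).

    Note that nothing here depends on the device: a token whose RTC is set ahead
    simply evaluates this function at a future unix_time.
    """
    return hotp(seed, unix_time // step, digits)


class TotpVerifier:
    """Hypothetical server-side verifier (an assumption for this example).

    Accepts the current step plus or minus `skew` steps to tolerate clock drift,
    and records every accepted step so the same step can never be used twice.
    """

    def __init__(self, seed: bytes, skew: int = 1) -> None:
        self.seed = seed
        self.skew = skew
        self.used_steps: set[int] = set()

    def verify(self, candidate: str, now: int) -> bool:
        step_now = now // STEP_SECONDS
        for delta in range(-self.skew, self.skew + 1):
            step = step_now + delta
            if step in self.used_steps:
                continue  # single-use: a step that already authenticated is never accepted again
            if hmac.compare_digest(hotp(self.seed, step), candidate):
                self.used_steps.add(step)
                return True
        return False


def clock_shift_demo(seed: bytes = RFC_TEST_SEED, now: int = 1111111109, future: int = 1234567890) -> dict:
    """Model the scenario in the advisory with constructed timestamps.

    `future_code` is what a token displays while its RTC is set to `future`.
    Returns which verifier decisions an observer could see.
    """
    verifier = TotpVerifier(seed)
    future_code = totp(seed, future)
    # Presented right away, the harvested code is outside the verifier's window and fails.
    rejected_now = not verifier.verify(future_code, now)
    # Presented at the intended time it is a perfectly valid code; the verifier cannot tell.
    accepted_later = verifier.verify(future_code, future)
    # The legitimate holder's own code for that step now collides with the used-step record,
    # which is the one server-side signal this scenario leaves behind.
    replay_rejected = not verifier.verify(totp(seed, future), future)
    return {
        "rejected_now": rejected_now,
        "accepted_later": accepted_later,
        "replay_rejected": replay_rejected,
    }


if __name__ == "__main__":
    print("TOTP at t=59 (RFC 6238 vector):", totp(RFC_TEST_SEED, 59, digits=8))
    print(clock_shift_demo())
```

The takeaway for the verifier side is that single-use enforcement per time step, with alerting on a rejected duplicate, is the only server-observable trace of a precomputed code; the substantive fix is on the token, where setting the RTC must require the same authentication as programming the seed.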

CVSS Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Reference

https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-007.txt
http://seclists.org/fulldisclosure/2021/Jun/39
http://packetstormsecurity.com/files/163223/Protectimus-SLIM-NFC-Time-Manipulation.html

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

Base Score

4.6

Base Severity

MEDIUM
