CVE-2014-3591

LOW

Description

Libgcrypt before 1.6.3 and GnuPG before 1.4.19 do not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during multiplication.

References

http://www.cs.tau.ac.il/~tromer/radioexp/

http://www.debian.org/security/2015/dsa-3184

http://www.debian.org/security/2015/dsa-3185

https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html

https://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000364.html

Details

Source: MITRE

Published: 2019-11-29

Updated: 2019-12-05

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 1.9

Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 3.4

Severity: LOW

CVSS v3.0

Base Score: 4.2

Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 0.5

Severity: MEDIUM