Detections
Analytics
CVE-2025-7071
medium
Description
Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS#7 decrypt operations.
References
Details
Published: 2025-08-29
Updated: 2025-08-29
Risk Information
CVSS v2
Base Score: 4.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N
Severity: Medium
CVSS v3
Base Score: 5.9
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: Medium
CVSS v4
Base Score: 5.9
Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Severity: Medium
EPSS
EPSS: 0.0001