nCipher Hardware Security Module Firmware Secrets Disclosure Vulnerability

nCipher HSM firmware has been reported prone to a vulnerability that may provide for the disclosure of certain secret keys. It has been reported that an attacker who has the ability to invoke commands with a vulnerable nCipher HSM may potentially exploit this vulnerability to peruse the affected module's run-time memory and disclose the keys.


 

Privacy Statement
Copyright 2010, SecurityFocus