CVE

CVE-2020-11684

admin

CVE-2020-11684

AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory before passing control to a less privileged software component. This can be exploited to disclose these keys and subsequently encrypt and sign the next boot stage (such as the bootloader).

Source: CVE-2020-11684

Exit mobile version