A Fault Injection vulnerability in the SymmetricDecrypt function in cryptopp/elgamal.h of Cryptopp Crypto++ 8.9, allows an attacker to co-reside in the same system with a victim process to disclose information and escalate privileges.
History

Thu, 29 Aug 2024 21:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-209
CWE-285
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-29T18:45:06.510Z

Reserved:

Link: CVE-2024-28285

cve-icon Vulnrichment

Updated: 2024-08-02T00:48:49.773Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-14T15:14:19.427

Modified: 2024-11-21T09:06:08.497

Link: CVE-2024-28285

cve-icon Redhat

No data.