Security Advisory

CVE-2025-7071

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-29 09:18:06

Last updated 2025-08-29 12:07:57

Assigner NCSC.ch

State PUBLISHED

Description

Padding oracle attack vulnerability in Oberon microsystem AG’s ocrypto library in all versions since 3.1.0 and prior to 3.9.2 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS#7 decrypt operations.

← Browse all CVEs View on cve.org ↗