Security Advisory

CVE-2025-9071

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-29 09:19:59

Last updated 2025-08-29 13:45:42

Assigner NCSC.ch

State PUBLISHED

Description

Erroneously using an all-zero seed for RSA-OEAP padding instead of the generated random bytes, in Oberon microsystems AG’s Oberon PSA Crypto library in all versions up to 1.5.1, results in deterministic RSA and thus in a loss of confidentiality for guessable messages, recognition of repeated messages, and loss of security proofs.

← Browse all CVEs View on cve.org ↗