QwikSec

Security Database

CVE

CWE

Training

CVE-2021-24119

Published: Jul 14, 2021

Modified: Nov 3, 2025

PUBLISHED

Description

In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/ARMmbed/mbedtls/releases

https://github.com/UzL-ITS/util-lookup/blob/main/cve-vulnerability-publication.md

FEDORA-2021-10bfc067d1

vendor-advisory

FEDORA-2021-165969af24

vendor-advisory

[debian-lts-announce] 20211123 [SECURITY] [DLA 2826-1] mbedtls security update

mailing-list

[debian-lts-announce] 20221225 [SECURITY] [DLA 3249-1] mbedtls security update

mailing-list

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.