A newly discovered vulnerability, dubbed “EUCLEAK,” poses a significant security risk to FIDO devices utilizing the Infineon SLE78 security microcontroller, including Yubico’s popular YubiKey 5 Series. This flaw allows attackers to extract Elliptic Curve Digital Signature Algorithm (ECDSA) secret keys, which could enable them to clone the affected FIDO devices, posing potential risks to users who rely on these keys for secure authentication.
Understanding the EUCLEAK Vulnerability
The EUCLEAK flaw was discovered by Thomas Roche from NinjaLab, who developed a sophisticated side-channel attack that can exploit the vulnerability to retrieve ECDSA secret keys using electromagnetic (EM) acquisitions. This kind of attack targets the cryptographic operations of the Infineon microcontroller, allowing a skilled adversary to extract private keys and subsequently clone the affected FIDO devices.
However, exploiting this vulnerability is no easy task. It requires extended physical access to the device, specialized equipment, and an advanced understanding of electronics and cryptography. These stringent requirements significantly reduce the risk for the average user, as such an attack is unlikely to be carried out by anyone other than highly skilled, state-sponsored threat actors targeting high-value individuals or organizations. Consequently, EUCLEAK is not considered a significant threat to general users, even those who possess theoretically vulnerable devices.
Previous Vulnerabilities and EUCLEAK’s Impact on YubiKey
This is not the first time Thomas Roche has uncovered side-channel vulnerabilities in security keys. In 2021, he identified a similar flaw affecting Google Titan security keys, which allowed for the extraction of the ECDSA private key and the cloning of the device. EUCLEAK represents a continuation of these kinds of side-channel threats against security hardware.
Affected YubiKey Devices
EUCLEAK affects several YubiKey models using firmware versions below 5.7.0 that utilize Infineon’s compromised cryptographic library. Specifically, the impacted devices include:
- YubiKey 5 Series versions prior to 5.7
- YubiKey 5 FIPS Series prior to 5.7
- YubiKey 5 CSPN Series prior to 5.7
- YubiKey Bio Series versions prior to 5.7.2
- Security Key Series, all versions prior to 5.7
- YubiHSM 2 versions prior to 2.4.0
- YubiHSM 2 FIPS versions prior to 2.4.0
Yubico’s Response and Recommendations
Yubico has acknowledged the EUCLEAK vulnerability, rating it as a moderate issue with a Common Vulnerability Scoring System (CVSS) score of 4.9, reflecting its relatively low risk to the broader user base. In their advisory, Yubico notes that even if attackers could access vulnerable devices, they would still need the user’s PIN or biometric verification to fully exploit the flaw, adding an extra layer of difficulty for any potential attack.
To check if a YubiKey device is running a vulnerable firmware version, users can utilize tools like YubiKey Manager or YubiKey Authenticator. Unfortunately, devices running older, susceptible firmware versions cannot be upgraded to the latest secure versions (5.7.0 for YubiKey and 2.4.0 for YubiHSM). As a workaround, Yubico recommends using RSA signing keys instead of elliptic curve (ECC) keys and suggests limiting the maximum session duration in identity provider settings to prompt more frequent FIDO authentications.
Other Affected Products Beyond YubiKey
EUCLEAK’s impact extends beyond YubiKey devices, affecting other products that use the Infineon SLE78 microcontroller. Notably, NinjaLab confirmed that the flaw also compromises Infineon Trusted Platform Modules (TPMs) like the SLB96xx series, which are utilized for secure boot, authentication, and cryptographic operations. Devices that rely on these TPMs include older smartphones and tablets from brands like Samsung and OnePlus, as well as certain laptop models from Lenovo, Acer, Dell, HP, and LG from the mid-2010s.
Additionally, Infineon’s Optiga Trust M security microcontroller, widely used in Internet of Things (IoT) devices, is vulnerable to EUCLEAK. Other potentially affected technologies include e-passports, cryptocurrency hardware wallets (cold wallets), and various FIDO devices employing the Infineon SLE78 microcontroller.
Conclusion
While EUCLEAK represents a notable security concern for high-value targets using vulnerable FIDO devices, the barriers to successful exploitation significantly mitigate the risk for most users. Yubico’s guidance to switch from ECC to RSA signing keys and to adjust session durations provides practical steps for those looking to safeguard their authentication keys. However, for those using compromised devices, a hardware upgrade might ultimately be necessary to fully protect against this and similar vulnerabilities.
Follow us on 
(Twitter) for real time updates and exclusive content.
Interesting Article : Zyxel Issues Critical Security Warning for OS Command Injection Vulnerability in Routers