CVSS Severity: 4.9
A vulnerability that was discovered in Infineon’s cryptographic library, also known as EUCLEAK
(https://ninjalab.io/eucleak), affects the iShield Key 1 series with firmware prior to 3.35.0.
An attacker with physical possession of an iShield Key 1 can exploit this vulnerability to recover:
The private key of a FIDO credential.
The private key of a PIV slot
The attack demands specialized equipment, advanced expertise in both electrical and cryptographic engineering. Depending on the type of credential, specific knowledge such as the credential ID, the relying party ID associated with the iShield Key 1, or the PIV PIN is required to carry out the attack. Due to the complexity and resource requirements, such an attack would likely only be feasible for nation-states or similarly well-resourced actors in highly targeted situations.
The vulnerability was brought to our attention in September 2024 and patched in October 2024. All partners and distributors were informed. Unfortunately, it is not possible to patch the devices that are already in the field.
iShield Key Pro with firmware versions prior to 3.35.0
iShield Key FIDO2 with firmware versions prior to 3.35.0
SNU20000D1PBAN0-E-XX-XXX-XXX
SNU20000D1PBCN0-E-XX-XXX-XXX
All products in the iShield Key 1.1 & iShield Key 2 series are not affected
Swissbit iShield Key 1.1
Swissbit iShield Key 1.1 FIPS
Swissbit iShield Key 2
Swissbit iShield Key 2 FIPS
Swissbit iShield Key 2 Enterprise
Swissbit iShield Key 2 FIPS Enterprise
PK2000IA0000E-1002-XXX-XXX
PK2000IC0000E-2002-XXX-XXX
PK2000IA0000E-2002-XXX-XXX
To determine whether your iShield Key 1 is affected:
Open the iShield Key Manager and connect your iShield Key 1.
Check the AAGUID field in the FIDO2 card. If it matches one of the following:
931327ddc89b406ca81eed7058ef36c6
5d629218d3a511edafa10242ac120002
Check the Firmware field in the Overview card. If the version is older than 3.35.0, your device is affected.
A sophisticated attacker with specialized equipment and physical access to a iShield Key 1 device running firmware prior to 3.35.0 can extract the private key of a FIDO credential.
For U2F (second-factor) FIDO credentials, the attacker must know the credentialID.
For discoverable FIDO credentials (also known as resident keys or passkeys), knowledge of the relying party ID is sufficient.
Implication: If you consider yourself a potential target of a sophisticated attack, such as one originating from a nation-state actor, you should no longer use an iShield Key 1 device with firmware versions earlier than 3.35.0 for password less multi-factor authentication were possession of the device is the first factor and knowledge of a PIN is the second. In such cases security is effectively reduced to a single factor: possession.
A sophisticated attacker with specialized equipment and physical access to an iShield Key 1 Pro device running firmware prior to version 3.35.0 can extract the private key stored in a PIV slot, if the key is an elliptic curve key.
The extraction method is similar to the one used for FIDO credentials. However, access to the key depends on the slot and PIN configuration:
For slots other than 9C and 9E, the attacker must also know the PIV PIN.
For slots 9C and 9E, the key can be extracted without knowledge of the PIN, making them particularly vulnerable.
Implication: To mitigate the risk of key extraction:
Avoid using elliptic curve keys in PIV slots 9C and 9E.
Ensure that a non-default PIN, PUK, and management key are set on all devices.