A critical vulnerability has been identified in Infineon's cryptographic library, which is used in YubiKey 5 Series, Security Key Series, and YubiHSM 2 devices running outdated firmware. It could allow attackers to recover private keys stored on these devices, posing a significant security threat.
The vulnerability primarily affects FIDO use cases but may also impact PIV, OpenPGP, and YubiHSM 2 applications depending on configuration. Yubico has mitigated the issue by replacing the Infineon library with its own proprietary cryptographic implementation, reducing the risk of future supply chain vulnerabilities.
Yubico has released firmware updates for its hardware security keys and HSMs that address the vulnerability. The affected devices include YubiKey 5 Series, YubiKey 5 FIPS Series, YubiKey Bio Series, Security Key Series, YubiHSM 2, and YubiHSM 2 FIPS.
To mitigate the risk, Yubico recommends that users update their devices to the latest firmware versions: 5.7.0 or newer for YubiKey 5 Series, Security Key Series, and YubiHSM 2; 5.7 and newer for YubiKey 5 FIPS Series (FIPS submission in process); and 5.7.2 or newer for YubiKey Bio Series.
The following are vulnerable: YubiKey 5, 5 FIPS, 5 CSPN, and Bio Series versions prior to 5.7; Security Key Series, all versions prior to 5.7; and YubiHSM 2 and 2 FIPS versions prior to 2.4.0.
These devices may have outdated firmware that could be exploited by malicious actors, potentially compromising sensitive data and authentication processes. Users of these devices are strongly advised to update their firmware to the latest available version to mitigate these vulnerabilities.
To determine whether you are affected by the YubiKey or YubiHSM 2 vulnerability, first use Yubico Authenticator to identify the model and firmware version of your YubiKey; the series and model are displayed in the upper left corner of the home screen.
For YubiHSM 2, connect to the device using the YubiHSM SDK and execute the `get deviceinfo` command to retrieve its version. Compare these versions with the vulnerable versions listed above to assess your risk and take appropriate action, such as updating the firmware or following the security advisory.
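As an added example (not code from the advisory or from Yubico), the following Python script encodes the vulnerable and recommended versions stated above and classifies a device from its type string and firmware version; the device-type keyword matching and the sample readouts are assumptions made for this example.

```python
import re

# Thresholds from the text above; affected if version < first tuple, update recommended if < second.
THRESHOLDS = {
    "YubiKey 5": ((5, 7, 0), (5, 7, 0)),
    "YubiKey 5 FIPS": ((5, 7, 0), (5, 7, 0)),
    "YubiKey 5 CSPN": ((5, 7, 0), (5, 7, 0)),
    "YubiKey Bio": ((5, 7, 0), (5, 7, 2)),
    "Security Key": ((5, 7, 0), (5, 7, 0)),
    "YubiHSM 2": ((2, 4, 0), (2, 4, 0)),
    "YubiHSM 2 FIPS": ((2, 4, 0), (2, 4, 0)),
}

def parse_version(text):
    """'5.7' -> (5, 7, 0); 'Firmware version: 5.4.3' -> (5, 4, 3)."""
    m = re.search(r"\b(\d+)\.(\d+)(?:\.(\d+))?\b", text)
    if m is None:
        raise ValueError(f"no firmware version found in {text!r}")
    return tuple(int(p or 0) for p in m.groups())

def classify_series(device_type):
    """Map a device-type string such as 'YubiKey 5C NFC FIPS' to a series key.
    Keyword matching is an assumption made for this example."""
    t = device_type.lower()
    if "yubihsm" in t:
        return "YubiHSM 2 FIPS" if "fips" in t else "YubiHSM 2"
    if "security key" in t:
        return "Security Key"
    if "bio" in t:
        return "YubiKey Bio"
    if "fips" in t:
        return "YubiKey 5 FIPS"
    if "cspn" in t:
        return "YubiKey 5 CSPN"
    return "YubiKey 5"

def assess(device_type, version):
    """Return 'affected', 'update-recommended' or 'ok' for one device."""
    affected_below, recommended = THRESHOLDS[classify_series(device_type)]
    v = parse_version(version)
    if v < affected_below:
        return "affected"
    if v < recommended:
        return "update-recommended"
    return "ok"

if __name__ == "__main__":
    # Constructed sample readouts, not taken from real devices.
    for dev, ver in [("YubiKey 5 NFC", "5.4.3"), ("YubiKey Bio", "5.7.0"),
                     ("YubiHSM 2", "2.4.0")]:
        print(f"{dev} {ver}: {assess(dev, ver)}")
```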
The Infineon cryptographic library’s ECDSA implementation is vulnerable to a side-channel attack, which could potentially compromise ECDSA private keys used in YubiKey and YubiHSM devices, affecting FIDO, PIV, OpenPGP, and YubiHSM 2 signing and attestation.
An attacker with physical access and specialized equipment could exploit the vulnerability by observing the vulnerable operation; depending on the use case, additional information such as account details or authentication keys may also be required. Successful exploitation could recover private keys, resulting in unauthorized access or signature forgery.