CVE-2025-25201

Source
https://nvd.nist.gov/vuln/detail/CVE-2025-25201
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-25201.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-25201
Aliases
  • GHSA-jfhm-ppq8-7hgx
Published
2025-02-12T19:15:21Z
Modified
2025-05-24T03:44:03.908998Z
Summary
[none]
Details

Nitrokey 3 Firmware is the firmware of Nitrokey 3 USB keys. For release 1.8.0, and test releases with PIV enabled prior to 1.8.0, the PIV application could accept invalid keys for authentication of the admin key. This could lead to compromise of the integrity of the data stored in the application. An attacker without access to the proper administration key would be able to generate new keys and overwrite certificates. Such an attacker would not be able to read out or extract existing private data, nor would they be able to gain access to cryptographic operations that would normally require PIN-based authentication. The issue is fixed in piv-authenticator 0.3.9 and in Nitrokey's firmware 1.8.1.

References

Affected packages

Git / github.com/nitrokey/nitrokey-3-firmware

Affected ranges

Type
GIT
Repo
https://github.com/nitrokey/nitrokey-3-firmware
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

0.*

0.0.0
0.0.0-78-g695167e

v0.*

v0.2.0
v0.2.1
v0.3.0
v0.3.1
v0.4.0

v1.*

v1.0.0
v1.0.1
v1.0.1-rc.1
v1.0.1-rc.1-7-g519ca9e
v1.0.2
v1.0.2-rc.1
v1.0.3
v1.0.3-rc.1
v1.0.4
v1.0.4-rc.1
v1.0.4-rc.2
v1.0.4-rc.3
v1.1.0
v1.1.0-rc.1
v1.2.0
v1.2.1
v1.2.2
v1.2.2-2-g01757c8
v1.2.2-alpha.20221125
v1.2.2-alpha.20221130
v1.2.2-alpha.20230224
v1.2.2-alpha.20230224-40-ga6e4c91
v1.2.2-alpha.opcard.0.2.0.oath.0.3.0
v1.3.0
v1.3.0-alpha.20230320
v1.3.0-rc.1
v1.3.1
v1.3.1-test.20230414
v1.3.1-test.20230417
v1.4.0
v1.4.0-rc.1
v1.4.0-rc.2
v1.5.0
v1.5.0-test.20230605
v1.5.0-test.20230613
v1.5.0-test.20230704
v1.5.0-test.20231026
v1.5.0-test.20231030
v1.6.0
v1.6.0-rc.1
v1.6.0-test.20231204
v1.6.0-test.20231206
v1.6.0-test.20231218
v1.7.0
v1.7.0-rc.1
v1.7.0-rc.2
v1.7.0-rc.3
v1.7.1
v1.7.2
v1.7.2-test.20240625
v1.7.2-test.20240808
v1.7.2-test.20240813
v1.7.2-test.20241022
v1.8.0
v1.8.0-rc.1
v1.8.0-rc.2