Security Advisories RSS

Security Advisories and Updates

CVE-2018-19589 - PKCS#11 Security Officer Rights

Utimaco has been informed about a vulnerability affecting Utimaco’s product package “SecurityServer”: a PKCS#11 Security Officer of a specific PKCS#11 slot is able to read attributes of keys in a different slot, and delete keys in a different slot, if such keys are stored in external key storage outside the HSM. This vulnerability has been filed under ID CVE-2018-19589 in the “Common Vulnerabilities and Exposures” list. Please consult  CVE-2018-19589 Security Advisory for more information.