CVE-2021-42023

CVE-2021-42023

Vendor Siemens
Product ModelSim Simulation
Weakness CWE-522 · Insufficiently protected credentials
Published December 14, 2021
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability has been identified in ModelSim Simulation (All versions), Questa Simulation (All versions). The RSA white-box implementation in affected applications insufficiently protects the built-in private keys that are required to decrypt electronic intellectual property (IP) data in accordance with the IEEE 1735 recommended practice. This could allow a sophisticated attacker to discover the keys, bypassing the protection intended by the IEEE 1735 recommended practice.

Key dates

02Disclosure timeline

December 14, 2021 CVE published
August 4, 2024 Record updated