The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP, including modification of encrypted IP cyphertext to insert hardware trojans. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts.
結論預警: CVE-2017-13093 綜合評估為中等風險(44.1/100):CVSS 技術影響為高級,利用機率偏低(EPSS 0.46%) 強制指令: 梳理受影響資產並納入修補計畫。
風險隨態勢動態變化;本站持續評估並同步更新本頁展示內容。
EPSS 日更估計相對被利用可能性;百分位表示該 CVE 在已評分漏洞中的相對排名(越高表示相對更嚴重)。
| # | 日期 | 舊 EPSS 分數 | 新 EPSS 分數 | 變化(新 − 舊) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.10% | 0.46% | +0.36% |
| 2 | 2025-03-17 | 0.04% | 0.10% | +0.05% |
| 3 | 2023-03-07 | — | 0.04% | — |
完整 EPSS 歷史 (共 5 筆)
該 CVE 的 CVSS 指標。
| 底座分 | 版本 | 嚴重度 | 向量 | 可利用性 | 影響 | 分數來源 |
|---|---|---|---|---|---|---|
| 7.8 | 3.0 | HIGH |
|
1.8 | 5.9 | [email protected] |
| 4.6 | 2.0 | MEDIUM |
|
3.9 | 6.4 | [email protected] |
: According to https://www.kb.cert.org/vuls/id/739007: The P1735 IEEE standard describes methods for encrypting electronic-design intellectual property (IP), as well as the management of access rights for such IP. The methods are flawed and, in the most egregious cases, enable attack vectors that allow recovery of the entire underlying plaintext IP. Implementations of IEEE P1735 may be weak to cryptographic attacks that allow an attacker to obtain plaintext intellectual property without the key, among other impacts. <br /> Commercial electronic design automation (EDA) tools that utilize the P1735 standard, or products designed with such EDA tools may be vulnerable. <br /> The CPE configuration provided is likely not inclusive of all vulnerable products. Please contact the vendor of your product for more information.
| URL | 標籤 |
|---|---|
| http://www.securityfocus.com/bid/101699 | Third Party Advisory VDB Entry |
| https://www.kb.cert.org/vuls/id/739007 | Third Party Advisory US Government Resource |