CVE-2025-7383

Medium CVSS: 5.9

Padding oracle attack vulnerability in Oberon microsystem AG’s Oberon PSA Crypto library in all versions since 1.0.0 and prior to 1.5.1 allows an attacker to recover plaintexts via timing measurements of AES-CBC PKCS#7 decrypt operations.

Vendor

Product

CWE

CWE-208

Yayın Tarihi

2025-08-29 10:15:32

Güncelleme

2025-08-29 16:24:29

Source Identifier

vulnerability@ncsc.ch

KEV Date Added

Kategoriler

CWE-208 MEDIUM 2025

Referanslar

https://www.oberon.ch/security-advisories/cve-2025-7383/