A vulnerability was discovered in Infineon’s cryptographic library, which is used in many electronic devices. Certain versions of Yubikeys are affected by this vulnerability when they are used as FIDO2 authenticators.
For more information, visit the following websites:
- NinjaLab Research Article about the vulnerability
- NIST National Vulnerability Database CVE-2024-45678
-
Yubico Security Advisory
The Nymi Band is not affected by this vulnerability.
The vulnerability is related to the Infineon cryptographic library that is used by affected devices for cryptographic operations. The Nymi Band does not use the affected cryptographic library.
FIDO2 is seeing widespread adoption in the industry as a passwordless authentication solution that is resistant to phishing attacks. The Nymi Band is a certified FIDO2 authenticator and fully supports your FIDO2 authentication needs. For environments that do not support FIDO2, the Nymi Band supports other modes of integration to provide secure passwordless authentication to your applications.
Information about products not manufactured by Nymi, or independent websites not controlled or tested by Nymi, is provided without recommendation or endorsement. Nymi assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Nymi makes no representations regarding third-party website accuracy or reliability.
Comments
0 commentsPlease sign in to leave a comment.