CVE-2024-45678 Overview
CVE-2024-45678 is a side channel attack vulnerability affecting Yubico YubiKey 5 Series devices with firmware before version 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0. The vulnerability, dubbed "EUCLEAK," enables an ECDSA secret-key extraction attack through electromagnetic side channel analysis. The attack exploits a non-constant-time modular inversion implementation in the Extended Euclidean Algorithm used by the underlying Infineon cryptographic library.
Critical Impact
An attacker with physical access to a vulnerable YubiKey device and specialized electromagnetic analysis equipment could potentially extract the ECDSA private key, enabling device cloning and authentication bypass for high-value targets.
Affected Products
- Yubico YubiKey 5 Series (all variants) with firmware before 5.7.0
- Yubico YubiKey 5 FIPS Series (all variants) with firmware before 5.7.0
- Yubico YubiKey Bio Series (FIDO Edition) with firmware before 5.7.0
- Yubico Security Key by Yubico (NFC and C NFC variants)
- Yubico YubiHSM 2 and YubiHSM 2 FIPS with firmware before 2.4.0
Discovery Timeline
- September 03, 2024 - CVE-2024-45678 published to NVD
- March 17, 2025 - Last updated in NVD database
Technical Details for CVE-2024-45678
Vulnerability Analysis
The EUCLEAK vulnerability (CWE-203: Observable Discrepancy) exists within the Infineon cryptographic library used by Yubico hardware security devices. The flaw stems from a timing side channel in the modular inversion operation performed during ECDSA signature generation. Specifically, the Extended Euclidean Algorithm implementation does not execute in constant time, allowing electromagnetic emanations to leak information about the internal cryptographic state during signature operations.
The attack requires physical possession of the target device and sophisticated electromagnetic analysis equipment to capture and analyze side-channel emissions. While the attack complexity is high due to the specialized equipment and expertise required, successful exploitation would allow an attacker to reconstruct the ECDSA private key and create a functional clone of the security key.
Root Cause
The root cause of CVE-2024-45678 lies in the Infineon cryptographic library's implementation of modular inversion using the Extended Euclidean Algorithm. This implementation exhibits variable execution time depending on the input values being processed, creating an observable timing discrepancy. During ECDSA signature generation, the modular inverse of the ephemeral key (nonce) is calculated, and the non-constant-time behavior leaks information through electromagnetic side channels that correlates with the secret key material.
Attack Vector
The attack requires physical access to a vulnerable YubiKey device and specialized equipment capable of measuring electromagnetic emanations during cryptographic operations. The attacker must:
- Gain physical possession of the target device
- Position electromagnetic probes in close proximity to the device's secure element
- Trigger multiple ECDSA signature operations while capturing EM traces
- Perform statistical analysis on the captured traces to recover key material
- Reconstruct the ECDSA private key from the extracted information
The attack methodology is detailed in the NinjaLab EUCLEAK research paper. Due to the physical access requirement and expensive specialized equipment needed, this attack primarily represents a threat to high-value targets where adversaries are motivated and well-resourced.
Detection Methods for CVE-2024-45678
Indicators of Compromise
- Physical tampering evidence on YubiKey devices or their protective cases
- Unexpected authentication events from registered security keys when the legitimate user is not present
- Security key firmware version below 5.7.0 detected in device inventory audits
- Unusual or unexplained periods where a security key was not in the user's possession
Detection Strategies
- Implement asset tracking and chain-of-custody procedures for hardware security keys
- Deploy device attestation verification to confirm firmware versions and detect potentially compromised devices
- Monitor authentication logs for anomalous patterns such as simultaneous authentications from different locations
- Conduct regular inventory audits to verify firmware versions across all deployed YubiKey devices
Monitoring Recommendations
- Enable detailed logging for all security key authentication events in identity providers
- Configure alerts for authentication attempts from known security keys during unusual hours or from unexpected locations
- Implement user behavior analytics to detect authentication patterns inconsistent with normal usage
- Monitor for multiple concurrent sessions that would suggest key cloning
How to Mitigate CVE-2024-45678
Immediate Actions Required
- Audit all deployed YubiKey 5 Series and YubiHSM 2 devices to identify those running vulnerable firmware versions
- Prioritize replacement of devices assigned to high-value targets such as executives, system administrators, and personnel with access to sensitive systems
- Implement strict physical security controls for security keys pending device replacement
- Review and enhance chain-of-custody procedures for all hardware authentication devices
Patch Information
Yubico has released firmware version 5.7.0 for YubiKey 5 Series devices and firmware version 2.4.0 for YubiHSM 2 devices that addresses this vulnerability. However, YubiKey devices do not support field firmware updates due to security design constraints. Organizations must replace affected devices with units manufactured with the patched firmware. Refer to the Yubico Security Advisory YSA-2024-03 and Yubico Support Article for device replacement guidance and eligibility information.
Workarounds
- Implement additional authentication factors beyond the potentially affected hardware key to add defense in depth
- Restrict physical access to security keys through secure storage solutions when not in active use
- Consider rotating cryptographic credentials and re-enrolling security keys where feasible
- For YubiHSM 2 deployments, evaluate network-based HSM alternatives that can receive firmware updates while planning device replacement
# Check YubiKey firmware version using ykman (YubiKey Manager CLI)
ykman info
# Example output showing firmware version:
# Device type: YubiKey 5 NFC
# Serial number: XXXXXXXX
# Firmware version: 5.4.3 # Vulnerable if below 5.7.0
# For organizations, audit all devices:
# Create inventory of devices requiring replacement
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
