Security researchers have detected a vulnerability in YubiKey two-factor authentication tokens that enables attackers to clone the device according to a new security advisory. The vulnerability was discovered within the Infineon cryptographic library used by most YubiKey products, including the YubiKey 5, Yubikey Bio, Security Key, and YubiHSM 2 series devices.
YubiKey manufacturer Yubico says the severity of the side-channel vulnerability is “moderate” but is difficult to exploit, partly…
