Lucene search

[email protected]CVE-2017-18347

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2017-18347

2022-10-0316:23:14

CWE-362

[email protected]

web.nvd.nist.gov

cve-2017-18347

rdp level 1

stmicroelectronics

stm32f0

access control

firmware extraction

race condition

swd

serial wire debug

flash protection

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

4.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.5%

JSON

Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device’s protected firmware via a special sequence of Serial Wire Debug (SWD) commands because there is a race condition between full initialization of the SWD interface and the setup of flash protection.

Affected configurations

NVD

Node

ststm32f071rbMatch-

AND

ststm32f071rb_firmwareMatch-

Node

ststm32f071v8Match-

AND

ststm32f071v8_firmwareMatch-

Node

ststm32f071vb_firmwareMatch-

AND

ststm32f071vbMatch-

Node

ststm32f072c8_firmwareMatch-

AND

ststm32f072c8Match-

Node

ststm32f072cb_firmwareMatch-

AND

ststm32f072cbMatch-

Node

ststm32f072r8_firmwareMatch-

AND

ststm32f072r8Match-

Node

ststm32f072rb_firmwareMatch-

AND

ststm32f072rbMatch-

Node

ststm32f072v8_firmwareMatch-

AND

ststm32f072v8Match-

Node

ststm32f072vb_firmwareMatch-

AND

ststm32f072vbMatch-

Node

ststm32f078cb_firmwareMatch-

AND

ststm32f078cbMatch-

Node

ststm32f078rb_firmwareMatch-

AND

ststm32f078rbMatch-

Node

ststm32f078vb_firmwareMatch-

AND

ststm32f078vbMatch-

Node

ststm32f091cb_firmwareMatch-

AND

ststm32f091cbMatch-

Node

ststm32f091cc_firmwareMatch-

AND

ststm32f091ccMatch-

Node

ststm32f091rb_firmwareMatch-

AND

ststm32f091rbMatch-

Node

ststm32f091rc_firmwareMatch-

AND

ststm32f091rcMatch-

Node

ststm32f091vb_firmwareMatch-

AND

ststm32f091vbMatch-

Node

ststm32f091vc_firmwareMatch-

AND

ststm32f091vcMatch-

Node

ststm32f098cc_firmwareMatch-

AND

ststm32f098ccMatch-

Node

ststm32f098rc_firmwareMatch-

AND

ststm32f098rcMatch-

Node

ststm32f098vc_firmwareMatch-

AND

ststm32f098vcMatch-

Node

ststm32f070c6_firmwareMatch-

AND

ststm32f070c6Match-

Node

ststm32f070cb_firmwareMatch-

AND

ststm32f070cbMatch-

Node

ststm32f070f6_firmwareMatch-

AND

ststm32f070f6Match-

Node

ststm32f070rb_firmwareMatch-

AND

ststm32f070rbMatch-

Node

ststm32f071c8_firmwareMatch-

AND

ststm32f071c8Match-

Node

ststm32f071cb_firmwareMatch-

AND

ststm32f071cbMatch-

Node

ststm32f051t8_firmwareMatch-

AND

ststm32f051t8Match-

Node

ststm32f058c8_firmwareMatch-

AND

ststm32f058c8Match-

Node

ststm32f058r8_firmwareMatch-

AND

ststm32f058r8Match-

Node

ststm32f058t8_firmwareMatch-

AND

ststm32f058t8Match-

Node

ststm32f070c6_firmwareMatch-

AND

ststm32f070c6Match-

Node

ststm32f051k4_firmwareMatch-

AND

ststm32f051k4Match-

Node

ststm32f051k6_firmwareMatch-

AND

ststm32f051k6Match-

Node

ststm32f051k8_firmwareMatch-

AND

ststm32f051k8Match-

Node

ststm32f051r4_firmwareMatch-

AND

ststm32f051r4Match-

Node

ststm32f051r6_firmwareMatch-

AND

ststm32f051r6Match-

Node

ststm32f051r8_firmwareMatch-

AND

ststm32f051r8Match-

Node

ststm32f042t6_firmwareMatch-

AND

ststm32f042t6Match-

Node

ststm32f048c6_firmwareMatch-

AND

ststm32f048c6Match-

Node

ststm32f048g6_firmwareMatch-

AND

ststm32f048g6Match-

Node

ststm32f048t6_firmwareMatch-

AND

ststm32f048t6Match-

Node

ststm32f051c4_firmwareMatch-

AND

ststm32f051c4Match-

Node

ststm32f051c6_firmwareMatch-

AND

ststm32f051c6Match-

Node

ststm32f051c8_firmwareMatch-

AND

ststm32f051c8Match-

Node

ststm32f042f4_firmwareMatch-

AND

ststm32f042f4Match-

Node

ststm32f042f6_firmwareMatch-

AND

ststm32f042f6Match-

Node

ststm32f042g4_firmwareMatch-

AND

ststm32f042g4Match-

Node

ststm32f042g6_firmwareMatch-

AND

ststm32f042g6Match-

Node

ststm32f042k4_firmwareMatch-

AND

ststm32f042k4Match-

Node

ststm32f042k6_firmwareMatch-

AND

ststm32f042k6Match-

Node

ststm32f038c6_firmwareMatch-

AND

ststm32f038c6Match-

Node

ststm32f038e6_firmwareMatch-

AND

ststm32f038e6Match-

Node

ststm32f038f6_firmwareMatch-

AND

ststm32f038f6Match-

Node

ststm32f038g6_firmwareMatch-

AND

ststm32f038g6Match-

Node

ststm32f038k6_firmwareMatch-

AND

ststm32f038k6Match-

Node

ststm32f042c4_firmwareMatch-

AND

ststm32f042c4Match-

Node

ststm32f042c6_firmwareMatch-

AND

ststm32f042c6Match-

Node

ststm32f031e6_firmwareMatch-

AND

ststm32f031e6Match-

Node

ststm32f031f4_firmwareMatch-

AND

ststm32f031f4Match-

Node

ststm32f031f6_firmwareMatch-

AND

ststm32f031f6Match-

Node

ststm32f031g4_firmwareMatch-

AND

ststm32f031g4Match-

Node

ststm32f031g6Match-

AND

ststm32f031g6_firmwareMatch-

Node

ststm32f031k4_firmwareMatch-

AND

ststm32f031k4Match-

Node

ststm32f030f4_firmwareMatch-

AND

ststm32f030f4Match-

Node

ststm32f030k6_firmwareMatch-

AND

ststm32f030k6Match-

Node

ststm32f030r8_firmwareMatch-

AND

ststm32f030r8Match-

Node

ststm32f030rc_firmwareMatch-

AND

ststm32f030rcMatch-

Node

ststm32f031c4Match-

AND

ststm32f031c4_firmwareMatch-

Node

ststm32f031c6Match-

AND

ststm32f031c6_firmwareMatch-

Node

ststm32f030c6Match-

AND

ststm32f030c6_firmwareMatch-

Node

ststm32f030c8Match-

AND

ststm32f030c8_firmwareMatch-

Node

ststm32f030ccMatch-

AND

ststm32f030cc_firmwareMatch-

CPENameOperatorVersion
st:stm32f071rb_firmwarest stm32f071rb firmwareeq-

CPE	Name	Operator	Version
st:stm32f071rb_firmware	st stm32f071rb firmware	eq	-

References

community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-cracked-on-stm32

www.aisec.fraunhofer.de/en/FirmwareProtection.html

www.usenix.org/conference/woot17/workshop-program/presentation/obermaier

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:C/I:N/A:N

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

4.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.5%

JSON

Related for CVE-2017-18347

prion1 nvd1 cvelist1