Lucene search
IcscertCVELIST:CVE-2017-7932HistoryAug 07, 2017 - 8:00 a.m.
CVE-2017-7932
2017-08-0708:00:00
CWE-295
icscert
www.cve.org
An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image.
CNA Affected
[
{
"product": "NXP i.MX Product Family",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "NXP i.MX Product Family"
}
]
}
]Related
cve
cve
CVE-2017-7932
2017-08-07 08:29:00
prion
prion
Input validation
2017-08-07 08:29:00
nvd
nvd
CVE-2017-7932
2017-08-07 08:29:00
ics
ics
NXP i.MX Product Family
2017-07-25 12:00:00