Lucene search

[email protected]NVD:CVE-2017-7936

HistoryAug 07, 2017 - 8:29 a.m.

CVE-2017-7936

2017-08-0708:29:00

CWE-121

CWE-119

[email protected]

web.nvd.nist.gov

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.3 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

0.4%

JSON

A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid VF6xx. When the device is configured in security enabled configuration, SDP could be used to download a small section of code to an unprotected region of memory.

Affected configurations

NVD

Node

nxpvybrid_mvf30nn151cku26_firmwareMatch-

AND

nxpvybrid_mvf30nn151cku26Match-

Node

nxpvybrid_mvf30ns151cku26_firmwareMatch-

AND

nxpvybrid_mvf30ns151cku26Match-

Node

nxpvybrid_mvf50nn151cmk40_firmwareMatch-

AND

nxpvybrid_mvf50nn151cmk40Match-

Node

nxpvybrid_mvf50nn151cmk50_firmwareMatch-

AND

nxpvybrid_mvf50nn151cmk50Match-

Node

nxpvybrid_mvf50ns151cmk40_firmwareMatch-

AND

nxpvybrid_mvf50ns151cmk40Match-

Node

nxpvybrid_mvf50ns151cmk50_firmwareMatch-

AND

nxpvybrid_mvf50ns151cmk50Match-

Node

nxpvybrid_mvf51nn151cmk50_firmwareMatch-

AND

nxpvybrid_mvf51nn151cmk50Match-

Node

nxpvybrid_mvf51ns151cmk50_firmwareMatch-

AND

nxpvybrid_mvf51ns151cmk50Match-

Node

nxpvybrid_mvf60nn151cmk40_firmwareMatch-

AND

nxpvybrid_mvf60nn151cmk40Match-

Node

nxpvybrid_mvf60ns151cmk40_firmwareMatch-

AND

nxpvybrid_mvf60ns151cmk40Match-

Node

nxpvybrid_mvf60nn151cmk50_firmwareMatch-

AND

nxpvybrid_mvf60nn151cmk50Match-

Node

nxpvybrid_mvf60ns151cmk50_firmwareMatch-

AND

nxpvybrid_mvf60ns151cmk50Match-

Node

nxpvybrid_mvf61nn151cmk50_firmwareMatch-

AND

nxpvybrid_mvf61nn151cmk50Match-

Node

nxpvybrid_mvf61ns151cmk50_firmwareMatch-

AND

nxpvybrid_mvf61ns151cmk50Match-

Node

nxpvybrid_mvf62nn151cmk40_firmwareMatch-

AND

nxpvybrid_mvf62nn151cmk40Match-

Node

nxpi.mx_50_firmwareMatch-

AND

nxpi.mx_50Match-

Node

nxpi.mx_53_firmwareMatch-

AND

nxpi.mx_53Match-

Node

nxpi.mx_6ull_firmwareMatch-

AND

nxpi.mx_6ullMatch-

Node

nxpi.mx_6ultralite_firmwareMatch-

AND

nxpi.mx_6ultraliteMatch-

Node

nxpi.mx_6sololite_firmwareMatch-

AND

nxpi.mx_6sololiteMatch-

Node

nxpi.mx_6solo_firmwareMatch-

AND

nxpi.mx_6soloMatch-

Node

nxpi.mx_6duallite_firmwareMatch-

AND

nxpi.mx_6dualliteMatch-

Node

nxpi.mx_6solox_firmwareMatch-

AND

nxpi.mx_6soloxMatch-

Node

nxpi.mx_6dual_firmwareMatch-

AND

nxpi.mx_6dualMatch-

Node

nxpi.mx_6quad_firmwareMatch-

AND

nxpi.mx_6quadMatch-

Node

nxpi.mx_6quadplus_firmwareMatch-

AND

nxpi.mx_6quadplusMatch-

Node

nxpi.mx_6dualplus_firmwareMatch-

AND

nxpi.mx_6dualplusMatch-

References

www.securityfocus.com/bid/99966

ics-cert.us-cert.gov/advisories/ICSA-17-152-02

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.3 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for NVD:CVE-2017-7936

prion1 cvelist1 cve1 ics1