STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can be degraded from RDP level 2 (no access via debug interface) to level 1 (limited access via debug interface) by injecting a fault during the boot...
7CVSS
6.8AI Score
0.0004EPSS
STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access...
6.1CVSS
6.2AI Score
0.001EPSS
Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library software expansion for STM32Cube (UM1924). The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the...
5.9CVSS
5.5AI Score
0.002EPSS