Search criteria
6 vulnerabilities found for stm32cubel4_firmware by st
FKIE_CVE-2021-29414
Vulnerability from fkie_nvd - Published: 2021-05-21 12:15 - Updated: 2024-11-21 06:01
Severity ?
Summary
STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:st:stm32cubel4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "58BD1AB3-D6E9-4704-870F-78A8211058A3",
"versionEndIncluding": "1.17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:st:stm32l412c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE6E39D8-1FA9-40D9-9FA6-DDD59467973A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l412cb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "656EC4C6-C89D-4918-A0BF-7059BFF00D19",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l412k8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1486ED41-0619-4BF1-BD12-BECE9080F706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l412kb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090FF8B5-B0E8-44EB-A0F1-023CE54A3196",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l412r8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E7C1F55-06F5-4747-BFE0-06516E756285",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l412rb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0869445D-F160-4831-B732-10462065199D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l412t8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0F3A5C-D834-43FE-8E84-FFB1821B2978",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l412tb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAB3073-BBB9-4109-A659-85129C408C99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l422cb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "035D5B2C-145D-4E11-9D54-3AF7F8A22D39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l422kb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "062D2AFB-99BF-4667-A524-F12CED0369D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l422rb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83D02638-ABD6-4833-B807-418DF67254E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l422tb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CD94AAC-DC27-4E9E-B3A6-A7F7AF5640DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l431cb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A7F68D-7946-4242-9426-DF5A4B7A68F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l431cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1257FB0-8FC8-4557-B0E9-D9443FD17B70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l431kb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B901139-82CE-44F9-938F-0888E11A94E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l431kc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BE0670-D275-411D-9079-DE37D3A638A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l431rb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63D5BFC3-0262-4768-8A36-44CAD2EDF6DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l431rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA166E5A-D606-4B21-BF9D-A7E2CC061FFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l431vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "026E2832-299E-441B-8159-469818D34B73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l432kb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23232D34-AEE8-4F9B-863B-014237E98BBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l432kc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A89FCA2A-C8C1-4DB7-A9BE-364DB0C96F51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l433cb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "143BC837-1ADB-447F-BE9D-FE8CC4112B0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l433cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "006CD265-E9D8-4703-BDD6-5BD91A1FEEAD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l433rb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77951EEF-8FDA-49B5-AF9A-38E26CD5467C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l433rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC72EDD2-C748-43FC-AD9E-D2B1C8377447",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l433vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2D68B5-0D9F-4E11-9541-4BB6EC57467A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l442kc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9649CB7-C49C-4069-9900-B51FA932B638",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l443cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD99B13E-CB3E-4512-9D85-E759AAFC1F47",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l443rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2517595A-3C84-4BD2-B13A-3A62440E65A8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l443vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C9F2C47-D80F-4788-9395-DF37D911E329",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l451cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACDB7FA-5104-4D06-AA68-86A92DDCDD69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l451ce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9104106-0FA1-4FEF-9BD7-7A830C3012A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l451rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8024755E-DC3C-4F95-A398-00E5D3AB1D51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l451re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977C55C7-088F-4015-8F6D-8022555A0A96",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l451vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67D54F31-9381-4525-A4B4-9CC508DA61BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l451ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E666A6A2-B26E-4E6A-8D37-FCABA928BCB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l452cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50758578-1653-4707-9278-20A5325E1C76",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l452ce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C0133F-6C5B-4172-96E4-36E143EFC901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l452rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43EA0D41-F6E9-4EBF-9FB8-5CBE2EC4EED3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l452re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5AB2A2-90FB-4B89-951A-21ABEE291313",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l452vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75921015-6EBE-48FB-B1CC-991F33E649D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l452ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "666BC6A5-A454-44B3-93E1-EDA4270306AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l462ce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF13FEFB-7023-4811-9727-612C798AB9CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l462re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB66B66-CC36-4B33-BC90-9626A0AC4896",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l462ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E46D7583-56E0-4BEE-8466-616ED64EFE89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471qe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D973E5F-E99E-473E-9C18-A26CEB16D825",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471qg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41953CCF-4531-40CA-923B-C5D9FB0192F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090246FF-4948-4853-AF94-72A742EC982F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471rg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5979017-D47B-4ACA-B983-E7FFBC2ED279",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ECDBD4F-A5EC-4359-945D-149E48597EF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471vg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9AC2AF4-B18A-406C-8246-4C5BBE24D3D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471ze:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5759079D-E639-4D7A-AA51-362FEA37E25E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471zg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4173516B-0D69-4997-BF09-5E78555CB2C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l475rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "046E8570-7698-4697-9097-7E67BA8FC717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l475re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6642FFF0-BA5A-41D6-8869-08612992BEBB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l475rg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F6BDC59-15B6-4F55-A809-6A6652ED1D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l475vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1724A6F-E778-48B9-947A-E9CC1898A2A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l475ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E2AA9A-AFFB-4198-8B71-D44751247ADE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l475vg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "587EBE57-D17D-4C35-A444-4D4E4712E77E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476je:-:*:*:*:*:*:*:*",
"matchCriteriaId": "203B813E-8BB1-4D4C-8136-36781FE6B359",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476jg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76B14D64-F333-4FAE-9478-7B36B6C446D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476me:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B69D6826-D39C-438B-A2C4-A01E75B99B10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476mg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3547A9-0CF6-4489-8224-EC7DE6A7A165",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476qe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00398E07-4AC7-43C2-A742-BDC0B7086301",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476qg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF66C62-CF3F-437F-B512-5A20E4863F92",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA24AAC-40C1-4160-A18A-ECA05F37D7F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18B1198A-B56C-4423-A814-5C53D85B7A50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476rg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B805224F-C32D-46CF-895A-145DA56EBFE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4298AF59-EAC7-4461-AB8A-32F3DAF31F89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF26E4DD-CA16-4367-A9B4-B53853BC97D3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476vg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "026960AB-9AA0-4306-B498-99043EE29B4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476ze:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83043BF9-6608-46FA-AC1E-6CB20876E64A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476zg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19621E3B-74B5-4A40-97CD-F21A18EF269F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l486jg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E27A41-24EE-4743-9B94-75FA8D908067",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l486qg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC60A8D-7B05-4B42-B9E2-5FAF4A973FFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l486rg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF10BC20-8651-489E-BE78-7D98E784C213",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l486vg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9D09908-6E91-4C68-9CD7-F78119D294ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l486zg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFD984EC-E95F-4625-B3AC-90B683299C33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496ae:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D6363B7-CEFF-43AA-BD06-D5CEE3DB0AEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496ag:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28E1D5C1-FD23-4710-A395-E4FA0EAA7877",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496qe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04AAE22E-9B62-473A-8E56-682F0F096C31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496qg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "683F82C6-CFF0-4690-8553-97E830257F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEE686ED-4E8A-458E-9687-78C05FA856BB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496rg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F7EAE0-FEA3-4136-A109-DB40C7AB49D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B556ADCB-B4D7-4CB3-A9EA-02139BC162B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496vg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10DA488F-9FBE-497E-B633-BFC9491C3212",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496wg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF250736-C0D1-4C11-9DE5-F7C1F2DCCFD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496ze:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE6AFAD7-DE66-48D1-ACB5-36EBD2DDEECF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496zg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8B5271F-B33F-4A1D-B36C-E7A27660B03B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l4a6ag:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAC37A1-9403-4F83-9F7C-F327B68E0C68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l4a6qg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35ADDFFF-FD6B-46CD-AB57-A9855CE3A85A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l4a6rg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016B9844-651D-4DCF-A6B3-C316879D4F96",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l4a6vg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A56032AB-C5D5-4814-BA6E-DD56E6FC2DAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l4a6zg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0DED864-CDE6-42B8-AB13-5CC46EF5EBCE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control."
},
{
"lang": "es",
"value": "Los dispositivos STMicroelectronics STM32L4 hasta el 2021-03-29 presentan un control de acceso f\u00edsico incorrecto"
}
],
"id": "CVE-2021-29414",
"lastModified": "2024-11-21T06:01:03.067",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-21T12:15:07.923",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://eprint.iacr.org/2021/640"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
],
"url": "https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://eprint.iacr.org/2021/640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-27212
Vulnerability from fkie_nvd - Published: 2021-05-21 12:15 - Updated: 2024-11-21 05:20
Severity ?
Summary
STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can be degraded from RDP level 2 (no access via debug interface) to level 1 (limited access via debug interface) by injecting a fault during the boot phase.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:st:stm32cubel4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E674EA4-9AE0-4B34-804C-1E08CCBE3F10",
"versionEndIncluding": "1.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:st:stm32l412c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE6E39D8-1FA9-40D9-9FA6-DDD59467973A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l412cb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "656EC4C6-C89D-4918-A0BF-7059BFF00D19",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l412k8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1486ED41-0619-4BF1-BD12-BECE9080F706",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l412kb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090FF8B5-B0E8-44EB-A0F1-023CE54A3196",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l412r8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E7C1F55-06F5-4747-BFE0-06516E756285",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l412rb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0869445D-F160-4831-B732-10462065199D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l412t8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8D0F3A5C-D834-43FE-8E84-FFB1821B2978",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l412tb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAB3073-BBB9-4109-A659-85129C408C99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l422cb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "035D5B2C-145D-4E11-9D54-3AF7F8A22D39",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l422kb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "062D2AFB-99BF-4667-A524-F12CED0369D4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l422rb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83D02638-ABD6-4833-B807-418DF67254E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l422tb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7CD94AAC-DC27-4E9E-B3A6-A7F7AF5640DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l431cb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A7F68D-7946-4242-9426-DF5A4B7A68F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l431cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1257FB0-8FC8-4557-B0E9-D9443FD17B70",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l431kb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B901139-82CE-44F9-938F-0888E11A94E4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l431kc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BE0670-D275-411D-9079-DE37D3A638A0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l431rb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63D5BFC3-0262-4768-8A36-44CAD2EDF6DD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l431rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA166E5A-D606-4B21-BF9D-A7E2CC061FFC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l431vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "026E2832-299E-441B-8159-469818D34B73",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l432kb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "23232D34-AEE8-4F9B-863B-014237E98BBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l432kc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A89FCA2A-C8C1-4DB7-A9BE-364DB0C96F51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l433cb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "143BC837-1ADB-447F-BE9D-FE8CC4112B0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l433cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "006CD265-E9D8-4703-BDD6-5BD91A1FEEAD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l433rb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77951EEF-8FDA-49B5-AF9A-38E26CD5467C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l433rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC72EDD2-C748-43FC-AD9E-D2B1C8377447",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l433vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2D68B5-0D9F-4E11-9541-4BB6EC57467A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l442kc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9649CB7-C49C-4069-9900-B51FA932B638",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l443cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD99B13E-CB3E-4512-9D85-E759AAFC1F47",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l443rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2517595A-3C84-4BD2-B13A-3A62440E65A8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l443vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C9F2C47-D80F-4788-9395-DF37D911E329",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l451cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACDB7FA-5104-4D06-AA68-86A92DDCDD69",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l451ce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9104106-0FA1-4FEF-9BD7-7A830C3012A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l451rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8024755E-DC3C-4F95-A398-00E5D3AB1D51",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l451re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977C55C7-088F-4015-8F6D-8022555A0A96",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l451vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67D54F31-9381-4525-A4B4-9CC508DA61BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l451ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E666A6A2-B26E-4E6A-8D37-FCABA928BCB6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l452cc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "50758578-1653-4707-9278-20A5325E1C76",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l452ce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4C0133F-6C5B-4172-96E4-36E143EFC901",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l452rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43EA0D41-F6E9-4EBF-9FB8-5CBE2EC4EED3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l452re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D5AB2A2-90FB-4B89-951A-21ABEE291313",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l452vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75921015-6EBE-48FB-B1CC-991F33E649D8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l452ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "666BC6A5-A454-44B3-93E1-EDA4270306AF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l462ce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF13FEFB-7023-4811-9727-612C798AB9CA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l462re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB66B66-CC36-4B33-BC90-9626A0AC4896",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l462ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E46D7583-56E0-4BEE-8466-616ED64EFE89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471qe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D973E5F-E99E-473E-9C18-A26CEB16D825",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471qg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41953CCF-4531-40CA-923B-C5D9FB0192F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090246FF-4948-4853-AF94-72A742EC982F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471rg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5979017-D47B-4ACA-B983-E7FFBC2ED279",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1ECDBD4F-A5EC-4359-945D-149E48597EF6",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471vg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B9AC2AF4-B18A-406C-8246-4C5BBE24D3D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471ze:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5759079D-E639-4D7A-AA51-362FEA37E25E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l471zg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4173516B-0D69-4997-BF09-5E78555CB2C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l475rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "046E8570-7698-4697-9097-7E67BA8FC717",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l475re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6642FFF0-BA5A-41D6-8869-08612992BEBB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l475rg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F6BDC59-15B6-4F55-A809-6A6652ED1D2F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l475vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1724A6F-E778-48B9-947A-E9CC1898A2A2",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l475ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7E2AA9A-AFFB-4198-8B71-D44751247ADE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l475vg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "587EBE57-D17D-4C35-A444-4D4E4712E77E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476je:-:*:*:*:*:*:*:*",
"matchCriteriaId": "203B813E-8BB1-4D4C-8136-36781FE6B359",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476jg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "76B14D64-F333-4FAE-9478-7B36B6C446D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476me:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B69D6826-D39C-438B-A2C4-A01E75B99B10",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476mg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3547A9-0CF6-4489-8224-EC7DE6A7A165",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476qe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00398E07-4AC7-43C2-A742-BDC0B7086301",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476qg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF66C62-CF3F-437F-B512-5A20E4863F92",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476rc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA24AAC-40C1-4160-A18A-ECA05F37D7F4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18B1198A-B56C-4423-A814-5C53D85B7A50",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476rg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B805224F-C32D-46CF-895A-145DA56EBFE0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476vc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4298AF59-EAC7-4461-AB8A-32F3DAF31F89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF26E4DD-CA16-4367-A9B4-B53853BC97D3",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476vg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "026960AB-9AA0-4306-B498-99043EE29B4F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476ze:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83043BF9-6608-46FA-AC1E-6CB20876E64A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l476zg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19621E3B-74B5-4A40-97CD-F21A18EF269F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l486jg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88E27A41-24EE-4743-9B94-75FA8D908067",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l486qg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BC60A8D-7B05-4B42-B9E2-5FAF4A973FFB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l486rg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF10BC20-8651-489E-BE78-7D98E784C213",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l486vg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9D09908-6E91-4C68-9CD7-F78119D294ED",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l486zg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFD984EC-E95F-4625-B3AC-90B683299C33",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496ae:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D6363B7-CEFF-43AA-BD06-D5CEE3DB0AEB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496ag:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28E1D5C1-FD23-4710-A395-E4FA0EAA7877",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496qe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04AAE22E-9B62-473A-8E56-682F0F096C31",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496qg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "683F82C6-CFF0-4690-8553-97E830257F3A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496re:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEE686ED-4E8A-458E-9687-78C05FA856BB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496rg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "32F7EAE0-FEA3-4136-A109-DB40C7AB49D0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496ve:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B556ADCB-B4D7-4CB3-A9EA-02139BC162B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496vg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10DA488F-9FBE-497E-B633-BFC9491C3212",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496wg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF250736-C0D1-4C11-9DE5-F7C1F2DCCFD7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496ze:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE6AFAD7-DE66-48D1-ACB5-36EBD2DDEECF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l496zg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8B5271F-B33F-4A1D-B36C-E7A27660B03B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l4a6ag:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAC37A1-9403-4F83-9F7C-F327B68E0C68",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l4a6qg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "35ADDFFF-FD6B-46CD-AB57-A9855CE3A85A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l4a6rg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "016B9844-651D-4DCF-A6B3-C316879D4F96",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l4a6vg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A56032AB-C5D5-4814-BA6E-DD56E6FC2DAB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:st:stm32l4a6zg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0DED864-CDE6-42B8-AB13-5CC46EF5EBCE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can be degraded from RDP level 2 (no access via debug interface) to level 1 (limited access via debug interface) by injecting a fault during the boot phase."
},
{
"lang": "es",
"value": "Los dispositivos STMicroelectronics STM32L4 versi\u00f3n hasta el 2020-10-19, presentan un control de acceso incorrecto.\u0026#xa0;La protecci\u00f3n de lectura flash (RDP) se puede degradar desde el nivel 2 de RDP (sin acceso por medio de la interfaz de depuraci\u00f3n) al nivel 1 (acceso limitado por medio de la interfaz de depuraci\u00f3n) inyectando un fallo durante la fase de arranque"
}
],
"id": "CVE-2020-27212",
"lastModified": "2024-11-21T05:20:51.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-05-21T12:15:07.730",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://eprint.iacr.org/2021/640"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.aisec.fraunhofer.de/en/FirmwareProtection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://eprint.iacr.org/2021/640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.aisec.fraunhofer.de/en/FirmwareProtection.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-27212 (GCVE-0-2020-27212)
Vulnerability from cvelistv5 – Published: 2021-05-21 11:48 – Updated: 2024-08-04 16:11
VLAI?
Summary
STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can be degraded from RDP level 2 (no access via debug interface) to level 1 (limited access via debug interface) by injecting a fault during the boot phase.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:11:35.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.aisec.fraunhofer.de/en/FirmwareProtection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://eprint.iacr.org/2021/640"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can be degraded from RDP level 2 (no access via debug interface) to level 1 (limited access via debug interface) by injecting a fault during the boot phase."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-26T15:13:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.aisec.fraunhofer.de/en/FirmwareProtection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://eprint.iacr.org/2021/640"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-27212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can be degraded from RDP level 2 (no access via debug interface) to level 1 (limited access via debug interface) by injecting a fault during the boot phase."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.aisec.fraunhofer.de/en/FirmwareProtection.html",
"refsource": "MISC",
"url": "https://www.aisec.fraunhofer.de/en/FirmwareProtection.html"
},
{
"name": "https://eprint.iacr.org/2021/640",
"refsource": "MISC",
"url": "https://eprint.iacr.org/2021/640"
},
{
"name": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html",
"refsource": "MISC",
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-27212",
"datePublished": "2021-05-21T11:48:27",
"dateReserved": "2020-10-19T00:00:00",
"dateUpdated": "2024-08-04T16:11:35.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29414 (GCVE-0-2021-29414)
Vulnerability from cvelistv5 – Published: 2021-05-21 11:38 – Updated: 2024-08-03 22:02
VLAI?
Summary
STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://eprint.iacr.org/2021/640"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-26T14:57:58",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://eprint.iacr.org/2021/640"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-29414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/",
"refsource": "MISC",
"url": "https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/"
},
{
"name": "https://eprint.iacr.org/2021/640",
"refsource": "MISC",
"url": "https://eprint.iacr.org/2021/640"
},
{
"name": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html",
"refsource": "MISC",
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-29414",
"datePublished": "2021-05-21T11:38:34",
"dateReserved": "2021-03-29T00:00:00",
"dateUpdated": "2024-08-03T22:02:51.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-27212 (GCVE-0-2020-27212)
Vulnerability from nvd – Published: 2021-05-21 11:48 – Updated: 2024-08-04 16:11
VLAI?
Summary
STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can be degraded from RDP level 2 (no access via debug interface) to level 1 (limited access via debug interface) by injecting a fault during the boot phase.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:11:35.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.aisec.fraunhofer.de/en/FirmwareProtection.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://eprint.iacr.org/2021/640"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can be degraded from RDP level 2 (no access via debug interface) to level 1 (limited access via debug interface) by injecting a fault during the boot phase."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-26T15:13:03",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.aisec.fraunhofer.de/en/FirmwareProtection.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://eprint.iacr.org/2021/640"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-27212",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can be degraded from RDP level 2 (no access via debug interface) to level 1 (limited access via debug interface) by injecting a fault during the boot phase."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.aisec.fraunhofer.de/en/FirmwareProtection.html",
"refsource": "MISC",
"url": "https://www.aisec.fraunhofer.de/en/FirmwareProtection.html"
},
{
"name": "https://eprint.iacr.org/2021/640",
"refsource": "MISC",
"url": "https://eprint.iacr.org/2021/640"
},
{
"name": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html",
"refsource": "MISC",
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-27212",
"datePublished": "2021-05-21T11:48:27",
"dateReserved": "2020-10-19T00:00:00",
"dateUpdated": "2024-08-04T16:11:35.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-29414 (GCVE-0-2021-29414)
Vulnerability from nvd – Published: 2021-05-21 11:38 – Updated: 2024-08-03 22:02
VLAI?
Summary
STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:02:51.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://eprint.iacr.org/2021/640"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-05-26T14:57:58",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://eprint.iacr.org/2021/640"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-29414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/",
"refsource": "MISC",
"url": "https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/"
},
{
"name": "https://eprint.iacr.org/2021/640",
"refsource": "MISC",
"url": "https://eprint.iacr.org/2021/640"
},
{
"name": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html",
"refsource": "MISC",
"url": "https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-29414",
"datePublished": "2021-05-21T11:38:34",
"dateReserved": "2021-03-29T00:00:00",
"dateUpdated": "2024-08-03T22:02:51.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}