FKIE_CVE-2017-7932
Vulnerability from fkie_nvd - Published: 2017-08-07 08:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image.
References
| URL | Tags | ||
|---|---|---|---|
| ics-cert@hq.dhs.gov | http://www.securityfocus.com/bid/99966 | Third Party Advisory, VDB Entry | |
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02 | Third Party Advisory, US Government Resource, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99966 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02 | Third Party Advisory, US Government Resource, VDB Entry |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf30nn151cku26_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "82ABEF1B-6B93-48B5-B34B-1D155EC55ED8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf30nn151cku26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70A93AF1-F85B-43AC-8D9B-98E47B6B001E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf30ns151cku26_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4B81B61-456E-4359-AD6B-2317376AB24C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf30ns151cku26:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61D98873-7A8C-449D-A044-B05887A890E2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf50nn151cmk40_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D26C9279-3069-4093-BA96-2CB70AEDD2F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf50nn151cmk40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C674A05-5443-402D-B508-62EF31AD15BD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf50nn151cmk50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB5C139B-A4DC-414C-B278-ED4E5F5492C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf50nn151cmk50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F14598B-FD3C-4CFC-8DBE-FC1EA733731C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf50ns151cmk40_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1A6ACE-A4B5-48DE-ACE4-DF50A928DE3D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf50ns151cmk40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49CA505E-6B28-41C9-93B0-7406F489BDB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf50ns151cmk50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78300258-A011-4920-B39C-7B8C0412C921",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf50ns151cmk50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C271C7-E84F-4BF8-AB80-9934BB0A5FCA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf51nn151cmk50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40BA42E1-0931-4ECC-8A90-8485D6071158",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf51nn151cmk50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A843151-9A62-4515-A82A-E798DD89EFF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf51ns151cmk50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E296D84B-F3E5-4FBE-AA21-E8FDFB12F448",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf51ns151cmk50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2DD4EB6-9AC7-40AD-BFE2-EE9AB100F666",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf60nn151cmk40_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87DBF157-B729-4FE0-87E2-075C6154CCA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf60nn151cmk40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9DD55202-ABCF-4B87-963D-476507A721FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf60ns151cmk40_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE02CB27-F9E9-46EC-8D66-93482390B6FB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf60ns151cmk40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4AD1ACEE-674D-4ECF-BDA5-A371B57DF38F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf60nn151cmk50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "902E393B-EDC6-4814-B712-C218BED08866",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf60nn151cmk50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ADF82AB-BC34-4CE0-B5E6-9AB40241FFD6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf60ns151cmk50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBEE62D2-1F7D-4083-BB14-0BFA6B8F5A8B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf60ns151cmk50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E87BB6B2-BB8B-4264-90F3-EE2E7B63F73B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf61nn151cmk50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42B4DE7F-2141-4954-8A5A-1CA9FC61CA01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf61nn151cmk50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A401CC61-AB8A-4AC4-B50B-4953660E9CD0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf61ns151cmk50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "881A99E8-BC43-4C28-A394-83171519F1C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf61ns151cmk50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7921E65C-2824-446A-8BC3-563A68808270",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:vybrid_mvf62nn151cmk40_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24B3ABED-465D-4897-9EC4-3E6AF1A7519A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:vybrid_mvf62nn151cmk40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D1A0B17-65C1-44AF-A686-04FBFB5C1AE7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_50_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F523DEA-C0B0-4268-9F6A-E48282A32A8C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA014971-DCCC-4B8D-8653-DD3A158B8A1A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_53_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14B5CAEA-5120-4089-8E31-0BC959EFF849",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_53:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0496E7EB-4D37-4333-A854-A8D45B8A86D8",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_6ull_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3CF45AD7-B959-452C-81CB-FD9A40D11378",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_6ull:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2CD0D2A-C1A5-4771-ADAB-70375BF06670",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_6ultralite_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D3ECF45-3884-4AEF-B26E-72DA6E43F49A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_6ultralite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06A59F6D-0000-4E82-8F16-BC9BC946A7B0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_6sololite_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25507E5C-FCAC-46E1-A90F-B9AE7D554F76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_6sololite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C42AF58-A53F-4307-A381-CD1A511F4569",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_6solo_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BA76C3C4-0030-4C52-BCDE-D4D963C2B511",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_6solo:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A69747C-AE47-4219-8892-461341151E6C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_6duallite_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28AF0906-B8CE-40FE-BEE0-03A814C55B0B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_6duallite:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F40FEC3-EBBC-4B1D-9677-23B3A6D89B91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_6solox_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BCB98D4-51CD-45AB-8C5D-79989A083946",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_6solox:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71631A11-FB49-4335-BB1B-47EB9061F47B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_6dual_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "042E76C8-94AD-4F30-AFDC-D6E4C3F49FF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_6dual:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74D9AB2D-303F-4C16-A584-0812DE52C7EF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_6quad_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A062D5CA-B204-4209-A398-343E191A4AE3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_6quad:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C69EB9-C38F-41AF-B1A6-0E7BB841BA58",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_6quadplus_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF0BC58B-DFD5-465A-AB3D-724DD05B6199",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_6quadplus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "623866FF-4E6B-48F8-B601-09AB288294D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_6dualplus_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77688E97-E680-445E-B291-CEABBF0AC460",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_6dualplus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB41F948-3B57-4462-9FF5-890FBD038E66",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_28_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87A416B6-B9A4-4408-8848-214E8947FB78",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_28:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEECEEB-834C-4A3C-B907-92836250CC80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_7dual_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "079CC43E-F536-4C7A-BB92-DA2B0C051680",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_7dual:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4F7AFD4-FE4A-4D1F-9944-BF67D77E8E5D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:i.mx_7solo_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7206B367-4736-4045-8468-C39A41A8435C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:i.mx_7solo:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63F78E63-D311-4D82-A0CE-5A756D469396",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image."
},
{
"lang": "es",
"value": "Se ha descubierto un problema de validaci\u00f3n incorrecta de certificados en NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, y i.MX 6QuadPlus. Cuando el dispositivo est\u00e1 configurado con opciones de seguridad habilitadas, bajo algunas condiciones es posible eludir la verificaci\u00f3n de firma utilizando un certificado especialmente manipulado que lleva a la ejecuci\u00f3n de una imagen sin firmar."
}
],
"id": "CVE-2017-7932",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.5,
"impactScore": 5.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-07T08:29:00.307",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99966"
},
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource",
"VDB Entry"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource",
"VDB Entry"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…