CVE-2017-18347

Sažetak

Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug (SWD) commands because there is a race condition between full initialization of the SWD interface and the setup of flash protection.

Reference

https://www.usenix.org/conference/woot17/workshop-program/presentation/obermaier
https://www.aisec.fraunhofer.de/en/FirmwareProtection.html
https://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-cracked-on-stm32

CVSS

Base:	4.9
Impact:	6.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:N/A:N

Zadnje važnije ažuriranje

04-05-2021 - 14:07

Objavljeno

12-09-2018 - 15:29