18 vulnerabilities by NXP
VAR-201708-1391
Vulnerability from variot - Updated: 2025-04-20 23:29
An improper certificate validation issue was discovered in NXP i.MX 28, i.MX 50, i.MX 53, i.MX 7Solo, i.MX 7Dual, Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in a security-enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate, leading to the execution of an unsigned image. Multiple NXP i.MX and Vybrid products contain a certificate validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). NXP i.MX 50 and the others are different series of microprocessor products from NXP Semiconductors of the Netherlands. There are security vulnerabilities in several NXP i.MX products due to the program failing to properly validate the certificate. Failed exploit attempts will likely cause a denial-of-service condition. The following devices are affected: NXP i.MX 28, i.MX 50, i.MX 53, i.MX 7Solo, i.MX 7Dual, Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1391",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i.mx 50",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 53",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6ultralite",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf62nn151cmk40",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6solo",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf61ns151cmk50",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf61nn151cmk50",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6ull",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6sololite",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60nn151cmk40",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf30nn151cku26",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50ns151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50nn151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 7dual",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 7solo",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60ns151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6solox",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6dual",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60ns151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50nn151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf30ns151cku26",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60nn151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 28",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf51ns151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6dualplus",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50ns151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6duallite",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf51nn151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6quad",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6quadplus",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 28",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 53",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6dual",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6duallite",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6dualplus",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6quad",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6quadplus",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6solo",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6sololite",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6solox",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6ull",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6ultralite",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 7dual",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 7solo",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf30nn151cku26",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf30ns151cku26",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50nn151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50ns151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf51nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf51ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60nn151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60ns151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf61nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf61ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf62nn151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "semiconductors i.mx",
"scope": "eq",
"trust": 0.6,
"vendor": "nxp",
"version": "50"
},
{
"model": "semiconductors i.mx",
"scope": "eq",
"trust": 0.6,
"vendor": "nxp",
"version": "53"
},
{
"model": "semiconductors i.mx 6ull",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6ultralite",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6sololite",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6solo",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6duallite",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6quad",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6solox",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6dual",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6dualplus",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6quadplus",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf3xx",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf5xx",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf6xx",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx",
"scope": "eq",
"trust": 0.6,
"vendor": "nxp",
"version": "28"
},
{
"model": "semiconductors i.mx 7solo",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 7dual",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf5xx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors vybrid vf3xx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors mifare ultralight",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors mifare reader components",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors mifare desfire ev1",
"scope": null,
"trust": 0.3,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors mifare classic",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 7solo",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 7dual",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6ultralite",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6ull",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6solox",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6sololite",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6solo",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6quadplus",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6quad",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6dualplus",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6duallite",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6dual",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "530"
},
{
"model": "semiconductors imx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "500"
},
{
"model": "semiconductors imx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "280"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf30nn151cku26",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60ns151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf61nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf61ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf62nn151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 53",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6ull",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6ultralite",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf30ns151cku26",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6sololite",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6solo",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6duallite",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6solox",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6dual",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6quad",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6quadplus",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6dualplus",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 28",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 7dual",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50nn151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 7solo",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50ns151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf51nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf51ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60nn151cmk40",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
},
{
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:nxp:i.mx_28_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_53_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6dual_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6duallite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6dualplus_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6quad_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6quadplus_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6solo_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6sololite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6solox_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6ull_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6ultralite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_7dual_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_7solo_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf30nn151cku26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf30ns151cku26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50nn151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50ns151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf51nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf51ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60nn151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60ns151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf61nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf61ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf62nn151cmk40_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Quarkslab.",
"sources": [
{
"db": "BID",
"id": "99966"
}
],
"trust": 0.3
},
"cve": "CVE-2017-7932",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2017-7932",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 1.9,
"id": "CNVD-2017-23000",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 1.9,
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "VHN-116135",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 0.5,
"id": "CVE-2017-7932",
"impactScore": 5.5,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7932",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-7932",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-23000",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-928",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-116135",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "VULHUB",
"id": "VHN-116135"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
},
{
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image. plural NXP i.MX and Vybrid The product contains a certificate validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NXPi.MX50 and so on are different series of microprocessor products from NXPSemiconductors of the Netherlands. There are security vulnerabilities in several NXPi.MX products due to the program failing to properly validate the certificate. Failed exploit attempts will likely cause a denial-of-service condition. The following devices are affected: NXP i.MX 28, i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i. MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7932"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"db": "VULHUB",
"id": "VHN-116135"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7932",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-152-02",
"trust": 3.4
},
{
"db": "BID",
"id": "99966",
"trust": 2.6
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23000",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267",
"trust": 0.8
},
{
"db": "IVD",
"id": "D823AA2F-DC34-445F-8238-CACBE1C66F3B",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-116135",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "VULHUB",
"id": "VHN-116135"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
},
{
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"id": "VAR-201708-1391",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "VULHUB",
"id": "VHN-116135"
}
],
"trust": 1.7333333062499998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"db": "CNVD",
"id": "CNVD-2017-23000"
}
]
},
"last_update_date": "2025-04-20T23:29:34.888000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "i.MX \u0026 Vybrid Security Vulnerability Errata - ERR010872, ERR010873",
"trust": 0.8,
"url": "https://community.nxp.com/docs/DOC-334996"
},
{
"title": "Multiple NXPi.MX products verify patches that bypass the vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/100888"
},
{
"title": "Multiple NXP i.MX Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99743"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116135"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-152-02"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/99966"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7932"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7932"
},
{
"trust": 0.3,
"url": "http://www.nxp.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "VULHUB",
"id": "VHN-116135"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
},
{
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "VULHUB",
"id": "VHN-116135"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
},
{
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-26T00:00:00",
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"date": "2017-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"date": "2017-08-07T00:00:00",
"db": "VULHUB",
"id": "VHN-116135"
},
{
"date": "2017-07-26T00:00:00",
"db": "BID",
"id": "99966"
},
{
"date": "2017-09-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"date": "2017-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-928"
},
{
"date": "2017-08-07T08:29:00.307000",
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-116135"
},
{
"date": "2017-07-26T00:00:00",
"db": "BID",
"id": "99966"
},
{
"date": "2017-09-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-928"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "99966"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NXP i.MX and Vybrid Certificate validation vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
}
],
"trust": 0.6
}
}
VAR-201708-1393
Vulnerability from variot - Updated: 2025-04-20 23:29
A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid VF6xx. When the device is configured in a security-enabled configuration, the Serial Download Protocol (SDP) could be used to download a small section of code to an unprotected region of memory. Multiple NXP i.MX and Vybrid products contain a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). NXP i.MX 50 and the others are different series of microprocessor products from NXP Semiconductors of the Netherlands. An attacker could exploit the vulnerability to cause a denial of service. Multiple i.MX products are prone to multiple local security vulnerabilities. An attacker may exploit these issues to bypass certain security restrictions and perform unauthorized actions or execute arbitrary code within the context of the application. Failed exploit attempts will likely cause a denial-of-service condition. The following products are affected: NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1393",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i.mx 50",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6ultralite",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6quad",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6solo",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6dualplus",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6solox",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6quadplus",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6sololite",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6duallite",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6dual",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf30nn151cku26",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf61ns151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50ns151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50nn151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60ns151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6ull",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60nn151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf62nn151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60ns151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50nn151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf30ns151cku26",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60nn151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf51ns151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50ns151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf51nn151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 53",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf61nn151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 53",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6dual",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6duallite",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6dualplus",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6quad",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6quadplus",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6solo",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6sololite",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6solox",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6ull",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6ultralite",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf30nn151cku26",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf30ns151cku26",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50nn151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50ns151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf51nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf51ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60nn151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60ns151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf61nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf61ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf62nn151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "semiconductors i.mx",
"scope": "eq",
"trust": 0.6,
"vendor": "nxp",
"version": "50"
},
{
"model": "semiconductors i.mx",
"scope": "eq",
"trust": 0.6,
"vendor": "nxp",
"version": "53"
},
{
"model": "semiconductors i.mx 6ull",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6ultralite",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6sololite",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6solo",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6duallite",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6quad",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6solox",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6dual",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6dualplus",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6quadplus",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf3xx",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf5xx",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf6xx",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf5xx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors vybrid vf3xx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors mifare ultralight",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors mifare reader components",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors mifare desfire ev1",
"scope": null,
"trust": 0.3,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors mifare classic",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 7solo",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 7dual",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6ultralite",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6ull",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6solox",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6sololite",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6solo",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6quadplus",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6quad",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6dualplus",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6duallite",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6dual",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "530"
},
{
"model": "semiconductors imx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "500"
},
{
"model": "semiconductors imx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "280"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf30nn151cku26",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60ns151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf61nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf61ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf62nn151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 53",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6ull",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6ultralite",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf30ns151cku26",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6sololite",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6solo",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6duallite",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6solox",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6dual",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6quad",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6quadplus",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6dualplus",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50nn151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50ns151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf51nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf51ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60nn151cmk40",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
},
{
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:nxp:i.mx_50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_53_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6dual_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6duallite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6dualplus_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6quad_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6quadplus_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6solo_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6sololite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6solox_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6ull_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6ultralite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf30nn151cku26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf30ns151cku26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50nn151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50ns151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf51nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf51ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60nn151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60ns151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf61nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf61ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf62nn151cmk40_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Quarkslab.",
"sources": [
{
"db": "BID",
"id": "99966"
}
],
"trust": 0.3
},
"cve": "CVE-2017-7936",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2017-7936",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 1.9,
"id": "CNVD-2017-23001",
"impactScore": 8.5,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 1.9,
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48",
"impactScore": 8.5,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:C/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "VHN-116139",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.4,
"id": "CVE-2017-7936",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7936",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-7936",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-23001",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-924",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-116139",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-7936",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "VULHUB",
"id": "VHN-116139"
},
{
"db": "VULMON",
"id": "CVE-2017-7936"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
},
{
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid VF6xx. When the device is configured in security enabled configuration, SDP could be used to download a small section of code to an unprotected region of memory. plural NXP i.MX and Vybrid The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NXPi.MX50 and so on are different series of microprocessor products from NXPSemiconductors of the Netherlands. An attacker could exploit the vulnerability to cause a denial of service. Multiple i.MX Products is prone to multiple local security vulnerabilities. \nAn attacker may exploit these issues to bypass certain security restrictions and perform unauthorized actions or execute arbitrary code within the context of the application. Failed exploit attempts will likely cause a denial-of-service condition. The following products are affected: NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual , i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7936"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "VULHUB",
"id": "VHN-116139"
},
{
"db": "VULMON",
"id": "CVE-2017-7936"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7936",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-17-152-02",
"trust": 3.5
},
{
"db": "BID",
"id": "99966",
"trust": 2.7
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23001",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268",
"trust": 0.8
},
{
"db": "IVD",
"id": "235898D3-C5E6-4883-BF99-CC01C40E3F48",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-116139",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-7936",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "VULHUB",
"id": "VHN-116139"
},
{
"db": "VULMON",
"id": "CVE-2017-7936"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
},
{
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"id": "VAR-201708-1393",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "VULHUB",
"id": "VHN-116139"
}
],
"trust": 1.7333333062499998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "CNVD",
"id": "CNVD-2017-23001"
}
]
},
"last_update_date": "2025-04-20T23:29:34.844000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "i.MX \u0026 Vybrid Security Vulnerability Errata - ERR010872, ERR010873",
"trust": 0.8,
"url": "https://community.nxp.com/docs/DOC-334996"
},
{
"title": "Patches for multiple NXPi.MX product stack buffer overflow vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/100889"
},
{
"title": "Multiple NXP i.MX Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99740"
},
{
"title": "usb-device-security",
"trust": 0.1,
"url": "https://github.com/parallelbeings/usb-device-security "
},
{
"title": "advisories",
"trust": 0.1,
"url": "https://github.com/inversepath/advisories "
},
{
"title": "advisories",
"trust": 0.1,
"url": "https://github.com/f-secure-foundry/advisories "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "VULMON",
"id": "CVE-2017-7936"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
},
{
"problemtype": "CWE-121",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116139"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-152-02"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/99966"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7936"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7936"
},
{
"trust": 0.3,
"url": "http://www.nxp.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/parallelbeings/usb-device-security"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "VULHUB",
"id": "VHN-116139"
},
{
"db": "VULMON",
"id": "CVE-2017-7936"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
},
{
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "VULHUB",
"id": "VHN-116139"
},
{
"db": "VULMON",
"id": "CVE-2017-7936"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
},
{
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-26T00:00:00",
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"date": "2017-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"date": "2017-08-07T00:00:00",
"db": "VULHUB",
"id": "VHN-116139"
},
{
"date": "2017-08-07T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7936"
},
{
"date": "2017-07-26T00:00:00",
"db": "BID",
"id": "99966"
},
{
"date": "2017-09-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"date": "2017-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-924"
},
{
"date": "2017-08-07T08:29:00.353000",
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-116139"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7936"
},
{
"date": "2017-07-26T00:00:00",
"db": "BID",
"id": "99966"
},
{
"date": "2017-09-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-924"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "99966"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NXP i.MX and Vybrid Product buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
}
],
"trust": 0.8
}
}
VAR-202002-0294
Vulnerability from variot - Updated: 2025-01-30 21:12
The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z (based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and earlier) does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame. The MCUXpresso SDK contains a classic buffer overflow vulnerability. Service operation may be interrupted (DoS).
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202002-0294",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mcuxpresso software development kit",
"scope": "lte",
"trust": 1.0,
"vendor": "nxp",
"version": "2.2.1"
},
{
"model": "mcuxpresso sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": "2.2.1"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014554"
},
{
"db": "NVD",
"id": "CVE-2019-17060"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:nxp:mcuxpresso_software_development_kit",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014554"
}
]
},
"cve": "CVE-2019-17060",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CVE-2019-17060",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 6.1,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-014554",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"id": "CVE-2019-17060",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-014554",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-17060",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "JVNDB-2019-014554",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-347",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-17060",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-17060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014554"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-347"
},
{
"db": "NVD",
"id": "CVE-2019-17060"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z (based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and earlier) does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame. MCUXpresso SDK Exists in a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-17060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014554"
},
{
"db": "VULMON",
"id": "CVE-2019-17060"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-17060",
"trust": 2.6
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-20-063-01",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014554",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202002-347",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-17060",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2019-17060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014554"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-347"
},
{
"db": "NVD",
"id": "CVE-2019-17060"
}
]
},
"id": "VAR-202002-0294",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"network device"
],
"sub_category": "bluetooth device",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T21:12:27.412000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Bluetooth Smart/Bluetooth Low Energy",
"trust": 0.8,
"url": "https://www.nxp.com/products/wireless/bluetooth-low-energy:BLUETOOTH-LOW-ENERGY-BLE"
},
{
"title": "NXP Semiconductors KW41Z Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=110688"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2019-17060 "
},
{
"title": "sweyntooth_bluetooth_low_energy_attacks",
"trust": 0.1,
"url": "https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/sd258sos/bluetooth-security-app "
},
{
"title": "awesome-bluetooth-security",
"trust": 0.1,
"url": "https://github.com/engn33r/awesome-bluetooth-security "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/JeffroMF/awesome-bluetooth-security321 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-17060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014554"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-347"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014554"
},
{
"db": "NVD",
"id": "CVE-2019-17060"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://www.nxp.com/products/wireless/bluetooth-low-energy:bluetooth-low-energy-ble"
},
{
"trust": 1.7,
"url": "https://asset-group.github.io/disclosures/sweyntooth/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17060"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17060"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ics/alerts/ics-alert-20-063-01"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2019-17060"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/matheus-garbelini/sweyntooth_bluetooth_low_energy_attacks"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2019-17060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014554"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-347"
},
{
"db": "NVD",
"id": "CVE-2019-17060"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2019-17060"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014554"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-347"
},
{
"db": "NVD",
"id": "CVE-2019-17060"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-10T00:00:00",
"db": "VULMON",
"id": "CVE-2019-17060"
},
{
"date": "2020-02-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014554"
},
{
"date": "2020-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-347"
},
{
"date": "2020-02-10T21:51:09.313000",
"db": "NVD",
"id": "CVE-2019-17060"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-11-02T00:00:00",
"db": "VULMON",
"id": "CVE-2019-17060"
},
{
"date": "2020-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014554"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-347"
},
{
"date": "2024-11-21T04:31:37.480000",
"db": "NVD",
"id": "CVE-2019-17060"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-347"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MCUXpresso SDK Classic buffer overflow vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014554"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-347"
}
],
"trust": 0.6
}
}
VAR-202002-0394
Vulnerability from variot - Updated: 2025-01-30 21:04
The Bluetooth Low Energy implementation on NXP SDK through 2.2.1 for KW41Z devices does not properly restrict the Link Layer payload length, allowing attackers in radio range to cause a buffer overflow via a crafted packet. The NXP SDK for KW41Z devices contains a classic buffer overflow vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS).
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202002-0394",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mcuxpresso software development kit",
"scope": "lte",
"trust": 1.0,
"vendor": "nxp",
"version": "2.2.1"
},
{
"model": "kw41z sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": "2.2.1"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014660"
},
{
"db": "NVD",
"id": "CVE-2019-17519"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:nxp:kw41z_sdk",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014660"
}
]
},
"cve": "CVE-2019-17519",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2019-17519",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2019-014660",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-17519",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2019-014660",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-17519",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "JVNDB-2019-014660",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-202002-704",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-17519",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-17519"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014660"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-704"
},
{
"db": "NVD",
"id": "CVE-2019-17519"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Bluetooth Low Energy implementation on NXP SDK through 2.2.1 for KW41Z devices does not properly restrict the Link Layer payload length, allowing attackers in radio range to cause a buffer overflow via a crafted packet. KW41Z For devices NXP SDK Exists in a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-17519"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014660"
},
{
"db": "VULMON",
"id": "CVE-2019-17519"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-17519",
"trust": 2.6
},
{
"db": "ICS CERT ALERT",
"id": "ICS-ALERT-20-063-01",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014660",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-202002-704",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-17519",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2019-17519"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014660"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-704"
},
{
"db": "NVD",
"id": "CVE-2019-17519"
}
]
},
"id": "VAR-202002-0394",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"network device"
],
"sub_category": "bluetooth device",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-01-30T21:04:40.927000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.nxp.com/"
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/Live-Hack-CVE/CVE-2019-17519 "
},
{
"title": "sweyntooth_bluetooth_low_energy_attacks",
"trust": 0.1,
"url": "https://github.com/Matheus-Garbelini/sweyntooth_bluetooth_low_energy_attacks "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/sd258sos/bluetooth-security-app "
},
{
"title": "awesome-bluetooth-security",
"trust": 0.1,
"url": "https://github.com/engn33r/awesome-bluetooth-security "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/JeffroMF/awesome-bluetooth-security321 "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-17519"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014660"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014660"
},
{
"db": "NVD",
"id": "CVE-2019-17519"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://asset-group.github.io/disclosures/sweyntooth/"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17519"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17519"
},
{
"trust": 0.8,
"url": "https://www.us-cert.gov/ics/alerts/ics-alert-20-063-01"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2019-17519"
},
{
"trust": 0.1,
"url": "https://github.com/matheus-garbelini/sweyntooth_bluetooth_low_energy_attacks"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2019-17519"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014660"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-704"
},
{
"db": "NVD",
"id": "CVE-2019-17519"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "VULMON",
"id": "CVE-2019-17519"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014660"
},
{
"db": "CNNVD",
"id": "CNNVD-202002-704"
},
{
"db": "NVD",
"id": "CVE-2019-17519"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-02-12T00:00:00",
"db": "VULMON",
"id": "CVE-2019-17519"
},
{
"date": "2020-03-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014660"
},
{
"date": "2020-02-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-704"
},
{
"date": "2020-02-12T19:15:14.047000",
"db": "NVD",
"id": "CVE-2019-17519"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2022-11-02T00:00:00",
"db": "VULMON",
"id": "CVE-2019-17519"
},
{
"date": "2020-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014660"
},
{
"date": "2021-01-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202002-704"
},
{
"date": "2024-11-21T04:32:25.940000",
"db": "NVD",
"id": "CVE-2019-17519"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-704"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "KW41Z For devices NXP SDK Classic buffer overflow vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014660"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202002-704"
}
],
"trust": 0.6
}
}
VAR-201909-1028
Vulnerability from variot - Updated: 2024-11-23 22:37
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by leveraging a load instruction inside the execute-only region to expose the protected code into a CPU register. NXP Kinetis KV1x, KV3x, and K8x devices have an authentication vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). NXP Kinetis KV1x, etc. are all microcontrollers from NXP Semiconductors of the Netherlands. A security vulnerability exists in NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x. An attacker could exploit this vulnerability to bypass Flash Access Controls (FAC) protection.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201909-1028",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "kinetis k8x",
"scope": "eq",
"trust": 2.2,
"vendor": "nxp",
"version": null
},
{
"model": "kinetis kv1x",
"scope": "eq",
"trust": 2.2,
"vendor": "nxp",
"version": null
},
{
"model": "kinetis kv3x",
"scope": "eq",
"trust": 2.2,
"vendor": "nxp",
"version": null
},
{
"model": "kinetis k8x",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "kinetis kv1x",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "kinetis kv3x",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009672"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1090"
},
{
"db": "NVD",
"id": "CVE-2019-14239"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:nxp:kinetis_k8x_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:kinetis_kv1x_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:kinetis_kv3x_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009672"
}
]
},
"cve": "CVE-2019-14239",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2019-14239",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-146165",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.7,
"id": "CVE-2019-14239",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.6,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-14239",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-14239",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2019-14239",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-1090",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-146165",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-14239",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146165"
},
{
"db": "VULMON",
"id": "CVE-2019-14239"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009672"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1090"
},
{
"db": "NVD",
"id": "CVE-2019-14239"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by leveraging a load instruction inside the execute-only region to expose the protected code into a CPU register. NXP Kinetis KV1x , KV3x , K8x Devices have authentication vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NXP Semiconductors NXP Kinetis KV1x, etc. are all microcontrollers from NXP Semiconductors in the Netherlands. A security vulnerability exists in NXP Semiconductors NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x. An attacker could exploit this vulnerability to bypass Flash Access Controls (FAC) protection",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-14239"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009672"
},
{
"db": "VULHUB",
"id": "VHN-146165"
},
{
"db": "VULMON",
"id": "CVE-2019-14239"
}
],
"trust": 1.8
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-14239",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009672",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1090",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-146165",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-14239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146165"
},
{
"db": "VULMON",
"id": "CVE-2019-14239"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009672"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1090"
},
{
"db": "NVD",
"id": "CVE-2019-14239"
}
]
},
"id": "VAR-201909-1028",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-146165"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:37:42.487000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.nxp.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009672"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146165"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009672"
},
{
"db": "NVD",
"id": "CVE-2019-14239"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "https://www.usenix.org/system/files/woot19-paper_schink.pdf"
},
{
"trust": 1.8,
"url": "https://www.usenix.org/conference/woot19/presentation/schink"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14239"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14239"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/287.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146165"
},
{
"db": "VULMON",
"id": "CVE-2019-14239"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009672"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1090"
},
{
"db": "NVD",
"id": "CVE-2019-14239"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-146165"
},
{
"db": "VULMON",
"id": "CVE-2019-14239"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009672"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-1090"
},
{
"db": "NVD",
"id": "CVE-2019-14239"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-24T00:00:00",
"db": "VULHUB",
"id": "VHN-146165"
},
{
"date": "2019-09-24T00:00:00",
"db": "VULMON",
"id": "CVE-2019-14239"
},
{
"date": "2019-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009672"
},
{
"date": "2019-09-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-1090"
},
{
"date": "2019-09-24T19:15:11.333000",
"db": "NVD",
"id": "CVE-2019-14239"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-25T00:00:00",
"db": "VULHUB",
"id": "VHN-146165"
},
{
"date": "2019-09-25T00:00:00",
"db": "VULMON",
"id": "CVE-2019-14239"
},
{
"date": "2019-09-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009672"
},
{
"date": "2019-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-1090"
},
{
"date": "2024-11-21T04:26:16.327000",
"db": "NVD",
"id": "CVE-2019-14239"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NXP Kinetis Authentication vulnerabilities in product devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009672"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-1090"
}
],
"trust": 0.6
}
}
VAR-201909-1026
Vulnerability from variot - Updated: 2024-11-23 22:29
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the effect of code/instruction execution. NXP Kinetis KV1x, KV3x, and K8x devices contain an unauthorized authentication vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The NXP Kinetis KV1x and related devices are microcontrollers from NXP Semiconductors in the Netherlands. A security vulnerability exists in the NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201909-1026",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "kinetis k8x",
"scope": "eq",
"trust": 2.2,
"vendor": "nxp",
"version": null
},
{
"model": "kinetis kv1x",
"scope": "eq",
"trust": 2.2,
"vendor": "nxp",
"version": null
},
{
"model": "kinetis kv3x",
"scope": "eq",
"trust": 2.2,
"vendor": "nxp",
"version": null
},
{
"model": "kinetis k8x",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "kinetis kv1x",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "kinetis kv3x",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009333"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-649"
},
{
"db": "NVD",
"id": "CVE-2019-14237"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:nxp:kinetis_k8x_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:kinetis_kv1x_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:kinetis_kv3x_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009333"
}
]
},
"cve": "CVE-2019-14237",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2019-14237",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-146163",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2019-14237",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-14237",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-14237",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2019-14237",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-201909-649",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-146163",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146163"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009333"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-649"
},
{
"db": "NVD",
"id": "CVE-2019-14237"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the effect of code/instruction execution. NXP Kinetis KV1x , KV3x , K8x Devices contain an unauthorized authentication vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NXP Semiconductors NXP Kinetis KV1x, etc. are all microcontrollers from NXP Semiconductors in the Netherlands. A security vulnerability exists in NXP Semiconductors NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-14237"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009333"
},
{
"db": "VULHUB",
"id": "VHN-146163"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-14237",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009333",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201909-649",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-146163",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146163"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009333"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-649"
},
{
"db": "NVD",
"id": "CVE-2019-14237"
}
]
},
"id": "VAR-201909-1026",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-146163"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:29:52.838000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.nxp.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009333"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-863",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146163"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009333"
},
{
"db": "NVD",
"id": "CVE-2019-14237"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.usenix.org/system/files/woot19-paper_schink.pdf"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14237"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14237"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-146163"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009333"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-649"
},
{
"db": "NVD",
"id": "CVE-2019-14237"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-146163"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-009333"
},
{
"db": "CNNVD",
"id": "CNNVD-201909-649"
},
{
"db": "NVD",
"id": "CVE-2019-14237"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-12T00:00:00",
"db": "VULHUB",
"id": "VHN-146163"
},
{
"date": "2019-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009333"
},
{
"date": "2019-09-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-649"
},
{
"date": "2019-09-12T18:15:12.007000",
"db": "NVD",
"id": "CVE-2019-14237"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-09-16T00:00:00",
"db": "VULHUB",
"id": "VHN-146163"
},
{
"date": "2019-09-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-009333"
},
{
"date": "2019-09-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201909-649"
},
{
"date": "2024-11-21T04:26:16.020000",
"db": "NVD",
"id": "CVE-2019-14237"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NXP Kinetis Unauthorized authentication vulnerabilities in product devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-009333"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201909-649"
}
],
"trust": 0.6
}
}
VAR-201802-0481
Vulnerability from variot - Updated: 2024-11-23 22:22
An Out-of-bounds Read issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump reads memory out of bounds, causing the communications module to crash. Smiths Medical assesses that the crash of the communications module would not impact the operation of the therapeutic module. MQX RTOS, provided by NXP Semiconductors, has multiple vulnerabilities. Buffer overflow (CWE-120) - CVE-2017-12718: In the RTCS DHCP client of MQX version 5.0, the data length check for DHCP options 66 and 67 is not performed correctly. A remote third party can cause a buffer overflow and execute arbitrary code by sending a DHCP packet in which these data items are crafted. Out-of-bounds read (CWE-125) - CVE-2017-12722: The DNS client in MQX version 4.1 and earlier cannot properly handle the packet size of an invalid DNS packet, and an out-of-bounds memory reference occurs. A remote third party can cause an out-of-bounds memory reference and disrupt service operation (DoS) by sending a crafted DNS packet. The expected impact depends on each vulnerability, as follows: * A remote third party may execute arbitrary code with system privileges by sending a crafted DHCP packet - CVE-2017-12718 * A remote third party may cause service disruption (DoS) by sending a crafted DNS packet - CVE-2017-12722. 1. A buffer-overflow vulnerability 2. A denial-of-service vulnerability 3. An access-bypass vulnerability 4. Multiple security-bypass vulnerabilities. Attackers can exploit these issues to execute arbitrary code within the context of the affected device, cause a denial-of-service condition, bypass certain security restrictions, or gain unauthorized access to the device and perform unauthorized actions. This may lead to complete compromise of the device. Attackers can exploit these issues to crash the application, resulting in a denial-of-service condition.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201802-0481",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "medfusion 4000 wireless syringe infusion pump",
"scope": "eq",
"trust": 1.6,
"vendor": "smiths medical",
"version": "1.1"
},
{
"model": "medfusion 4000 wireless syringe infusion pump",
"scope": "eq",
"trust": 1.6,
"vendor": "smiths medical",
"version": "1.6"
},
{
"model": "medfusion 4000 wireless syringe infusion pump",
"scope": "eq",
"trust": 1.6,
"vendor": "smiths medical",
"version": "1.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "mqx real-time operating system",
"scope": "lte",
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": "version 4.1 (cve-2017-12722)"
},
{
"model": "mqx real-time operating system",
"scope": "eq",
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": "version 5.0 (cve-2017-12718)"
},
{
"model": "medical medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.6,
"vendor": "smiths",
"version": "40001.1"
},
{
"model": "medical medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.6,
"vendor": "smiths",
"version": "40001.5"
},
{
"model": "medical medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.6,
"vendor": "smiths",
"version": "40001.6"
},
{
"model": "medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.3,
"vendor": "smiths medical",
"version": "40001.6"
},
{
"model": "medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.3,
"vendor": "smiths medical",
"version": "40001.5"
},
{
"model": "medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.3,
"vendor": "smiths medical",
"version": "40001.1"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.8"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.7"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.6"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.5"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.4"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.3"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.2"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.1"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "5.0"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "4.2"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "medfusion 4000 syringe infusion pump",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "medfusion 4000 syringe infusion pump",
"version": "1.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "medfusion 4000 syringe infusion pump",
"version": "1.6"
}
],
"sources": [
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-520"
},
{
"db": "NVD",
"id": "CVE-2017-12722"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:nxp:mqx_rtos",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Scott Gayou",
"sources": [
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-520"
}
],
"trust": 1.2
},
"cve": "CVE-2017-12722",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-12722",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-25722",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-103273",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-12722",
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12722",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2017-25722",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-520",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-103273",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "VULHUB",
"id": "VHN-103273"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-520"
},
{
"db": "NVD",
"id": "CVE-2017-12722"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Out-of-bounds Read issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump reads memory out of bounds, causing the communications module to crash. Smiths Medical assesses that the crash of the communications module would not impact the operation of the therapeutic module. NXP Semiconductors Provided by MQX RTOS Has multiple vulnerabilities. Buffer overflow (CWE-120) - CVE-2017-12718 MQX version 5.0 of RTCS DHCP On the client, DHCP option 66 and 67 The data length check corresponding to is not performed correctly. A remote third party crafted these data items DHCP Sending a packet can cause a buffer overflow and execute arbitrary code. Read out of bounds (CWE-125) - CVE-2017-12722 MQX version 4.1 And earlier DNS The client is illegal DNS The packet size cannot be handled properly and an out-of-region memory reference occurs. Remote third party crafted DNS Sending a packet causes an out-of-region memory reference and disrupts service operation ( DoS ) Is possible.The expected impact depends on each vulnerability, but can be affected as follows: * * Crafted by a remote third party DHCP By sending a packet, arbitrary code is executed with system privileges. - CVE-2017-12718 * * Crafted by a remote third party DNS By sending a packet, service disruption ( DoS ) - CVE-2017-12722. A buffer-overflow vulnerability\n2. A denial-of-service vulnerability\n3. An access-bypass vulnerability\n4. Multiple security-bypass vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of affected device, cause a denial-of-service condition, bypass certain security restrictions, or gain unauthorized access to the device and perform unauthorized actions. This may lead to complete compromise of the device. Attackers can exploit these issues to crash the application, resulting in a denial-of-service condition",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12722"
},
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "VULHUB",
"id": "VHN-103273"
}
],
"trust": 3.69
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12722",
"trust": 3.9
},
{
"db": "ICS CERT",
"id": "ICSMA-17-250-02A",
"trust": 2.5
},
{
"db": "BID",
"id": "100665",
"trust": 2.0
},
{
"db": "BID",
"id": "101252",
"trust": 2.0
},
{
"db": "CERT/CC",
"id": "VU#590639",
"trust": 1.9
},
{
"db": "ICS CERT",
"id": "ICSA-17-285-04",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201709-520",
"trust": 0.9
},
{
"db": "ICS CERT",
"id": "ICSMA-17-250-02",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-25722",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-285-04A",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU96796469",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586",
"trust": 0.8
},
{
"db": "IVD",
"id": "52BCCDAF-AF7C-4B8C-A161-1D0C1307BB73",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-103273",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "VULHUB",
"id": "VHN-103273"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-520"
},
{
"db": "NVD",
"id": "CVE-2017-12722"
}
]
},
"id": "VAR-201802-0481",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "VULHUB",
"id": "VHN-103273"
}
],
"trust": 1.9
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
}
]
},
"last_update_date": "2024-11-23T22:22:13.889000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MQX Real-Time Operating System (RTOS)",
"trust": 0.8,
"url": "https://www.nxp.com/support/developer-resources/run-time-software/mqx-software-solutions/mqx-real-time-operating-system-rtos:MQXRTOS?fsrch=1\u0026sr=1\u0026pageNum=1"
},
{
"title": "Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Memory Read Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/101787"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-125",
"trust": 1.9
},
{
"problemtype": "CWE-120",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103273"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "NVD",
"id": "CVE-2017-12722"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-17-250-02a"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/100665"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/101252"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-285-04"
},
{
"trust": 1.1,
"url": "https://www.kb.cert.org/vuls/id/590639"
},
{
"trust": 0.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-17-250-02"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.8,
"url": "https://github.com/sgayou/medfusion-4000-research/blob/master/doc/readme.md"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12718"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12722"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-285-04a"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96796469/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12722"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12718"
},
{
"trust": 0.3,
"url": "https://www.smiths-medical.com/products/infusion/syringe-infusion/syringe-infusion-pumps/medfusion-4000-wireless-syringe-infusion-pump"
},
{
"trust": 0.3,
"url": "https://www.nxp.com/support/developer-resources/run-time-software/mqx-software-solutions/mqx-real-time-operating-system-rtos:mqxrtos?fsrch=1\u0026sr=1\u0026pagenum=1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "VULHUB",
"id": "VHN-103273"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-520"
},
{
"db": "NVD",
"id": "CVE-2017-12722"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"db": "VULHUB",
"id": "VHN-103273"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-520"
},
{
"db": "NVD",
"id": "CVE-2017-12722"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-08T00:00:00",
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"date": "2017-10-12T00:00:00",
"db": "CERT/CC",
"id": "VU#590639"
},
{
"date": "2017-09-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"date": "2018-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-103273"
},
{
"date": "2017-09-07T00:00:00",
"db": "BID",
"id": "100665"
},
{
"date": "2017-10-12T00:00:00",
"db": "BID",
"id": "101252"
},
{
"date": "2017-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"date": "2017-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-520"
},
{
"date": "2018-02-15T10:29:00.383000",
"db": "NVD",
"id": "CVE-2017-12722"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-22T00:00:00",
"db": "CERT/CC",
"id": "VU#590639"
},
{
"date": "2017-09-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-25722"
},
{
"date": "2018-03-02T00:00:00",
"db": "VULHUB",
"id": "VHN-103273"
},
{
"date": "2017-09-07T00:00:00",
"db": "BID",
"id": "100665"
},
{
"date": "2017-10-12T00:00:00",
"db": "BID",
"id": "101252"
},
{
"date": "2018-04-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"date": "2017-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-520"
},
{
"date": "2024-11-21T03:10:05.837000",
"db": "NVD",
"id": "CVE-2017-12722"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Memory read vulnerability",
"sources": [
{
"db": "IVD",
"id": "52bccdaf-af7c-4b8c-a161-1d0c1307bb73"
},
{
"db": "CNVD",
"id": "CNVD-2017-25722"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-520"
}
],
"trust": 0.6
}
}
VAR-201802-0478
Vulnerability from variot - Updated: 2024-11-23 22:22
A Classic Buffer Overflow issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump does not verify input buffer size prior to copying, leading to a buffer overflow, allowing remote code execution on the target device. The pump receives the potentially malicious input infrequently and under certain conditions, increasing the difficulty of exploitation. MQX RTOS, provided by NXP Semiconductors, has multiple vulnerabilities. Buffer overflow (CWE-120) - CVE-2017-12718: in the RTCS DHCP client of MQX version 5.0, the data length check for DHCP options 66 and 67 is not performed correctly. A remote third party that sends a DHCP packet with crafted data in these options can cause a buffer overflow and execute arbitrary code. Out-of-bounds read (CWE-125) - CVE-2017-12722: the DNS client of MQX version 4.1 and earlier does not properly handle the packet size of invalid DNS packets, and an out-of-bounds memory reference occurs. A remote third party that sends a crafted DNS packet can cause an out-of-bounds memory reference and disrupt service operation (DoS). The expected impact depends on each vulnerability: * A remote third party that sends a crafted DHCP packet can execute arbitrary code with system privileges - CVE-2017-12718. * A remote third party that sends a crafted DNS packet can disrupt service (DoS) - CVE-2017-12722. 1. A buffer-overflow vulnerability 2. A denial-of-service vulnerability 3. An access-bypass vulnerability 4. Multiple security-bypass vulnerabilities. Attackers can exploit these issues to execute arbitrary code within the context of the affected device, cause a denial-of-service condition, bypass certain security restrictions, or gain unauthorized access to the device and perform unauthorized actions. This may lead to complete compromise of the device.
Attackers can exploit these issues to crash the application, resulting in a denial-of-service condition. The vulnerability is caused by the program not checking the size of the input buffer.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201802-0478",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "medfusion 4000 wireless syringe infusion pump",
"scope": "eq",
"trust": 1.6,
"vendor": "smiths medical",
"version": "1.1"
},
{
"model": "medfusion 4000 wireless syringe infusion pump",
"scope": "eq",
"trust": 1.6,
"vendor": "smiths medical",
"version": "1.6"
},
{
"model": "medfusion 4000 wireless syringe infusion pump",
"scope": "eq",
"trust": 1.6,
"vendor": "smiths medical",
"version": "1.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "mqx real-time operating system",
"scope": "lte",
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": "version 4.1 (cve-2017-12722)"
},
{
"model": "mqx real-time operating system",
"scope": "eq",
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": "version 5.0 (cve-2017-12718)"
},
{
"model": "medical medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.6,
"vendor": "smiths",
"version": "40001.1"
},
{
"model": "medical medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.6,
"vendor": "smiths",
"version": "40001.5"
},
{
"model": "medical medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.6,
"vendor": "smiths",
"version": "40001.6"
},
{
"model": "medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.3,
"vendor": "smiths medical",
"version": "40001.6"
},
{
"model": "medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.3,
"vendor": "smiths medical",
"version": "40001.5"
},
{
"model": "medfusion wireless syringe infusion pump",
"scope": "eq",
"trust": 0.3,
"vendor": "smiths medical",
"version": "40001.1"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.8"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.7"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.6"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.5"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.4"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.3"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.2"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "3.1"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "5.0"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "4.2"
},
{
"model": "semiconductors mqx rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "4.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "medfusion 4000 syringe infusion pump",
"version": "1.1"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "medfusion 4000 syringe infusion pump",
"version": "1.5"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "medfusion 4000 syringe infusion pump",
"version": "1.6"
}
],
"sources": [
{
"db": "IVD",
"id": "5166b119-87ed-4df9-b95b-46e0eafe6d6a"
},
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "CNVD",
"id": "CNVD-2017-25723"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-519"
},
{
"db": "NVD",
"id": "CVE-2017-12718"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:nxp:mqx_rtos",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Scott Gayou",
"sources": [
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-519"
}
],
"trust": 1.2
},
"cve": "CVE-2017-12718",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2017-12718",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "CNVD-2017-25723",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "5166b119-87ed-4df9-b95b-46e0eafe6d6a",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.2,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-103268",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.2,
"id": "CVE-2017-12718",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-12718",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2017-25723",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-519",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "IVD",
"id": "5166b119-87ed-4df9-b95b-46e0eafe6d6a",
"trust": 0.2,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-103268",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "5166b119-87ed-4df9-b95b-46e0eafe6d6a"
},
{
"db": "CNVD",
"id": "CNVD-2017-25723"
},
{
"db": "VULHUB",
"id": "VHN-103268"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-519"
},
{
"db": "NVD",
"id": "CVE-2017-12718"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A Classic Buffer Overflow issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. A third-party component used in the pump does not verify input buffer size prior to copying, leading to a buffer overflow, allowing remote code execution on the target device. The pump receives the potentially malicious input infrequently and under certain conditions, increasing the difficulty of exploitation. MQX RTOS, provided by NXP Semiconductors, has multiple vulnerabilities. Buffer overflow (CWE-120) - CVE-2017-12718: in the RTCS DHCP client of MQX version 5.0, the data length check for DHCP options 66 and 67 is not performed correctly. A remote third party that sends a DHCP packet with crafted data in these options can cause a buffer overflow and execute arbitrary code. Out-of-bounds read (CWE-125) - CVE-2017-12722: the DNS client of MQX version 4.1 and earlier does not properly handle the packet size of invalid DNS packets, and an out-of-bounds memory reference occurs. A remote third party that sends a crafted DNS packet can cause an out-of-bounds memory reference and disrupt service operation (DoS). The expected impact depends on each vulnerability: * A remote third party that sends a crafted DHCP packet can execute arbitrary code with system privileges - CVE-2017-12718. * A remote third party that sends a crafted DNS packet can disrupt service (DoS) - CVE-2017-12722. 1. A buffer-overflow vulnerability\n2. A denial-of-service vulnerability\n3. An access-bypass vulnerability\n4. Multiple security-bypass vulnerabilities\nAttackers can exploit these issues to execute arbitrary code within the context of the affected device, cause a denial-of-service condition, bypass certain security restrictions, or gain unauthorized access to the device and perform unauthorized actions. This may lead to complete compromise of the device. 
Attackers can exploit these issues to crash the application, resulting in a denial-of-service condition. The vulnerability is caused by the program not checking the size of the input buffer",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-12718"
},
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "CNVD",
"id": "CNVD-2017-25723"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "IVD",
"id": "5166b119-87ed-4df9-b95b-46e0eafe6d6a"
},
{
"db": "VULHUB",
"id": "VHN-103268"
}
],
"trust": 3.69
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-103268",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103268"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-12718",
"trust": 3.9
},
{
"db": "ICS CERT",
"id": "ICSMA-17-250-02A",
"trust": 2.5
},
{
"db": "BID",
"id": "100665",
"trust": 2.0
},
{
"db": "BID",
"id": "101252",
"trust": 2.0
},
{
"db": "CERT/CC",
"id": "VU#590639",
"trust": 1.9
},
{
"db": "EXPLOIT-DB",
"id": "43776",
"trust": 1.7
},
{
"db": "ICS CERT",
"id": "ICSA-17-285-04",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-201709-519",
"trust": 0.9
},
{
"db": "ICS CERT",
"id": "ICSMA-17-250-02",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-25723",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-17-285-04A",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU96796469",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586",
"trust": 0.8
},
{
"db": "IVD",
"id": "5166B119-87ED-4DF9-B95B-46E0EAFE6D6A",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "145971",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-103268",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "5166b119-87ed-4df9-b95b-46e0eafe6d6a"
},
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "CNVD",
"id": "CNVD-2017-25723"
},
{
"db": "VULHUB",
"id": "VHN-103268"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-519"
},
{
"db": "NVD",
"id": "CVE-2017-12718"
}
]
},
"id": "VAR-201802-0478",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "5166b119-87ed-4df9-b95b-46e0eafe6d6a"
},
{
"db": "CNVD",
"id": "CNVD-2017-25723"
},
{
"db": "VULHUB",
"id": "VHN-103268"
}
],
"trust": 1.9
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "5166b119-87ed-4df9-b95b-46e0eafe6d6a"
},
{
"db": "CNVD",
"id": "CNVD-2017-25723"
}
]
},
"last_update_date": "2024-11-23T22:22:13.836000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "MQX Real-Time Operating System (RTOS)",
"trust": 0.8,
"url": "https://www.nxp.com/support/developer-resources/run-time-software/mqx-software-solutions/mqx-real-time-operating-system-rtos:MQXRTOS?fsrch=1\u0026sr=1\u0026pageNum=1"
},
{
"title": "Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Patch Overflow Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/101786"
},
{
"title": "Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100042"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-25723"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-519"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
},
{
"problemtype": "CWE-119",
"trust": 1.1
},
{
"problemtype": "CWE-125",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-103268"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "NVD",
"id": "CVE-2017-12718"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-17-250-02a"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/100665"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/101252"
},
{
"trust": 1.7,
"url": "https://www.exploit-db.com/exploits/43776/"
},
{
"trust": 1.1,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-285-04"
},
{
"trust": 1.1,
"url": "https://www.kb.cert.org/vuls/id/590639"
},
{
"trust": 0.9,
"url": "https://ics-cert.us-cert.gov/advisories/icsma-17-250-02"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/125.html"
},
{
"trust": 0.8,
"url": "https://github.com/sgayou/medfusion-4000-research/blob/master/doc/readme.md"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12718"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12722"
},
{
"trust": 0.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-285-04a"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96796469/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12722"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12718"
},
{
"trust": 0.3,
"url": "https://www.smiths-medical.com/products/infusion/syringe-infusion/syringe-infusion-pumps/medfusion-4000-wireless-syringe-infusion-pump"
},
{
"trust": 0.3,
"url": "https://www.nxp.com/support/developer-resources/run-time-software/mqx-software-solutions/mqx-real-time-operating-system-rtos:mqxrtos?fsrch=1\u0026sr=1\u0026pagenum=1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "CNVD",
"id": "CNVD-2017-25723"
},
{
"db": "VULHUB",
"id": "VHN-103268"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-519"
},
{
"db": "NVD",
"id": "CVE-2017-12718"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "5166b119-87ed-4df9-b95b-46e0eafe6d6a"
},
{
"db": "CERT/CC",
"id": "VU#590639"
},
{
"db": "CNVD",
"id": "CNVD-2017-25723"
},
{
"db": "VULHUB",
"id": "VHN-103268"
},
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-519"
},
{
"db": "NVD",
"id": "CVE-2017-12718"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-08T00:00:00",
"db": "IVD",
"id": "5166b119-87ed-4df9-b95b-46e0eafe6d6a"
},
{
"date": "2017-10-12T00:00:00",
"db": "CERT/CC",
"id": "VU#590639"
},
{
"date": "2017-09-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-25723"
},
{
"date": "2018-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-103268"
},
{
"date": "2017-09-07T00:00:00",
"db": "BID",
"id": "100665"
},
{
"date": "2017-10-12T00:00:00",
"db": "BID",
"id": "101252"
},
{
"date": "2017-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"date": "2017-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-519"
},
{
"date": "2018-02-15T10:29:00.227000",
"db": "NVD",
"id": "CVE-2017-12718"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-01-22T00:00:00",
"db": "CERT/CC",
"id": "VU#590639"
},
{
"date": "2017-09-08T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-25723"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-103268"
},
{
"date": "2017-09-07T00:00:00",
"db": "BID",
"id": "100665"
},
{
"date": "2017-10-12T00:00:00",
"db": "BID",
"id": "101252"
},
{
"date": "2018-04-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010586"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-519"
},
{
"date": "2024-11-21T03:10:05.357000",
"db": "NVD",
"id": "CVE-2017-12718"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "100665"
},
{
"db": "BID",
"id": "101252"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump Buffer Overflow Vulnerability",
"sources": [
{
"db": "IVD",
"id": "5166b119-87ed-4df9-b95b-46e0eafe6d6a"
},
{
"db": "CNVD",
"id": "CNVD-2017-25723"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "5166b119-87ed-4df9-b95b-46e0eafe6d6a"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-519"
}
],
"trust": 0.8
}
}
CVE-2021-27421 (GCVE-0-2021-27421)
Vulnerability from nvd – Published: 2022-05-03 20:24 – Updated: 2025-04-16 16:24
- CWE-190 - Integer Overflow or Wraparound

| URL | Tags |
|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04 | x_refsource_CONFIRM |
| https://mcuxpresso.nxp.com/en/welcome | x_refsource_CONFIRM |

| Vendor | Product | Version |
|---|---|---|
| NXP | MCUXpresso SDK | Affected: unspecified, < 2.8.2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:17.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://mcuxpresso.nxp.com/en/welcome"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-27421",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:57:09.567914Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:24:46.545Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MCUXpresso SDK",
"vendor": "NXP",
"versions": [
{
"lessThan": "2.8.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "David Atch, Omri Ben Bassat, and Tamir Ariel from Microsoft Section 52, and the Azure Defender for IoT research group reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"value": "NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to integer overflow in SDK_Malloc function, which could allow to access memory locations outside the bounds of a specified array, leading to unexpected behavior such segmentation fault when assigning a particular block of memory from the heap via malloc."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-03T20:24:23.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://mcuxpresso.nxp.com/en/welcome"
}
],
"solutions": [
{
"lang": "en",
"value": "Update NXP MCUXpresso SDK to 2.9.0 or later "
}
],
"source": {
"defect": [
"\u201cBadAlloc\u201d"
],
"discovery": "EXTERNAL"
},
"title": "NXP MCUXpresso SDK Integer Overflow or Wraparound",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2021-27421",
"STATE": "PUBLIC",
"TITLE": "NXP MCUXpresso SDK Integer Overflow or Wraparound"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MCUXpresso SDK",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.8.2"
}
]
}
}
]
},
"vendor_name": "NXP"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "David Atch, Omri Ben Bassat, and Tamir Ariel from Microsoft Section 52, and the Azure Defender for IoT research group reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to integer overflow in SDK_Malloc function, which could allow to access memory locations outside the bounds of a specified array, leading to unexpected behavior such segmentation fault when assigning a particular block of memory from the heap via malloc."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190 Integer Overflow or Wraparound"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04",
"refsource": "CONFIRM",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04"
},
{
"name": "https://mcuxpresso.nxp.com/en/welcome",
"refsource": "CONFIRM",
"url": "https://mcuxpresso.nxp.com/en/welcome"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update NXP MCUXpresso SDK to 2.9.0 or later "
}
],
"source": {
"defect": [
"\u201cBadAlloc\u201d"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-27421",
"datePublished": "2022-05-03T20:24:23.000Z",
"dateReserved": "2021-02-19T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:24:46.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22680 (GCVE-0-2021-22680)
Vulnerability from nvd – Published: 2022-05-03 20:25 – Updated: 2025-04-16 16:24
- CWE-190 - Integer Overflow or Wraparound

| URL | Tags |
|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:51:06.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-22680",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:57:02.643903Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:24:38.678Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MQX",
"vendor": "NXP",
"versions": [
{
"lessThanOrEqual": "5.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "David Atch, Omri Ben Bassat, and Tamir Ariel from Microsoft Section 52, and the Azure Defender for IoT research group reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"value": "NXP MQX Versions 5.1 and prior are vulnerable to integer overflow in mem_alloc, _lwmem_alloc and _partition functions. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-03T20:25:18.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04"
}
],
"solutions": [
{
"lang": "en",
"value": "Update NXP MQX to 5.1 or newer"
}
],
"source": {
"defect": [
"\u201cBadAlloc\u201d"
],
"discovery": "EXTERNAL"
},
"title": "NXP MQX Integer Overflow or Wraparound",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2021-22680",
"STATE": "PUBLIC",
"TITLE": "NXP MQX Integer Overflow or Wraparound"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MQX",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "5.1"
}
]
}
}
]
},
"vendor_name": "NXP"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "David Atch, Omri Ben Bassat, and Tamir Ariel from Microsoft Section 52, and the Azure Defender for IoT research group reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NXP MQX Versions 5.1 and prior are vulnerable to integer overflow in mem_alloc, _lwmem_alloc and _partition functions. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190 Integer Overflow or Wraparound"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04",
"refsource": "CONFIRM",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update NXP MQX to 5.1 or newer"
}
],
"source": {
"defect": [
"\u201cBadAlloc\u201d"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-22680",
"datePublished": "2022-05-03T20:25:18.000Z",
"dateReserved": "2021-01-05T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:24:38.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38260 (GCVE-0-2021-38260)
Vulnerability from nvd – Published: 2021-10-25 21:19 – Updated: 2024-08-04 01:37
- n/a

| URL | Tags |
|---|---|
| https://mcusec.github.io/vulnerabilities_details#nxp_usb | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:37:16.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://mcusec.github.io/vulnerabilities_details#nxp_usb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostParseDeviceConfigurationDescriptor()."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-25T21:19:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://mcusec.github.io/vulnerabilities_details#nxp_usb"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38260",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostParseDeviceConfigurationDescriptor()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://mcusec.github.io/vulnerabilities_details#nxp_usb",
"refsource": "MISC",
"url": "https://mcusec.github.io/vulnerabilities_details#nxp_usb"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38260",
"datePublished": "2021-10-25T21:19:14.000Z",
"dateReserved": "2021-08-09T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:37:16.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38258 (GCVE-0-2021-38258)
Vulnerability from nvd – Published: 2021-10-25 21:19 – Updated: 2024-08-04 01:37
- n/a

| URL | Tags |
|---|---|
| https://mcusec.github.io/vulnerabilities_details#nxp_usb | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:37:16.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://mcusec.github.io/vulnerabilities_details#nxp_usb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostProcessCallback()."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-25T21:19:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://mcusec.github.io/vulnerabilities_details#nxp_usb"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostProcessCallback()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://mcusec.github.io/vulnerabilities_details#nxp_usb",
"refsource": "MISC",
"url": "https://mcusec.github.io/vulnerabilities_details#nxp_usb"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38258",
"datePublished": "2021-10-25T21:19:11.000Z",
"dateReserved": "2021-08-09T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:37:16.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3011 (GCVE-0-2021-3011)
Vulnerability from nvd – Published: 2021-01-07 15:07 – Updated: 2024-08-03 16:45
- n/a

| URL | Tags |
|---|---|
| https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf | x_refsource_MISC |
| https://ninjalab.io/a-side-journey-to-titan/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:50.631Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ninjalab.io/a-side-journey-to-titan/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access (and consequently produce a clone). This was demonstrated on the Google Titan Security Key, based on an NXP A7005a chip. Other FIDO U2F security keys are also impacted (Yubico YubiKey Neo and Feitian K9, K13, K21, and K40) as well as several NXP JavaCard smartcards (J3A081, J2A081, J3A041, J3D145_M59, J2D145_M59, J3D120_M60, J3D082_M60, J2D120_M60, J2D082_M60, J3D081_M59, J2D081_M59, J3D081_M61, J2D081_M61, J3D081_M59_DF, J3D081_M61_DF, J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66, J3E016_M64, J3E041_M64, J3E145_M64, J3E120_M65, J3E082_M65, J2E145_M64, J2E120_M65, J2E082_M65, J3E081_M64_DF, J3E081_M66_DF, J3E041_M66_DF, J3E016_M66_DF, J3E041_M64_DF, and J3E016_M64_DF)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-07T15:07:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ninjalab.io/a-side-journey-to-titan/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-3011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access (and consequently produce a clone). This was demonstrated on the Google Titan Security Key, based on an NXP A7005a chip. Other FIDO U2F security keys are also impacted (Yubico YubiKey Neo and Feitian K9, K13, K21, and K40) as well as several NXP JavaCard smartcards (J3A081, J2A081, J3A041, J3D145_M59, J2D145_M59, J3D120_M60, J3D082_M60, J2D120_M60, J2D082_M60, J3D081_M59, J2D081_M59, J3D081_M61, J2D081_M61, J3D081_M59_DF, J3D081_M61_DF, J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66, J3E016_M64, J3E041_M64, J3E145_M64, J3E120_M65, J3E082_M65, J2E145_M64, J2E120_M65, J2E082_M65, J3E081_M64_DF, J3E081_M66_DF, J3E041_M66_DF, J3E016_M66_DF, J3E041_M64_DF, and J3E016_M64_DF)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf",
"refsource": "MISC",
"url": "https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf"
},
{
"name": "https://ninjalab.io/a-side-journey-to-titan/",
"refsource": "MISC",
"url": "https://ninjalab.io/a-side-journey-to-titan/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-3011",
"datePublished": "2021-01-07T15:07:18.000Z",
"dateReserved": "2021-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-03T16:45:50.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22680 (GCVE-0-2021-22680)
Vulnerability from cvelistv5 – Published: 2022-05-03 20:25 – Updated: 2025-04-16 16:24
- CWE-190 - Integer Overflow or Wraparound

| URL | Tags |
|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:51:06.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-22680",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:57:02.643903Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:24:38.678Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MQX",
"vendor": "NXP",
"versions": [
{
"lessThanOrEqual": "5.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "David Atch, Omri Ben Bassat, and Tamir Ariel from Microsoft Section 52, and the Azure Defender for IoT research group reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"value": "NXP MQX Versions 5.1 and prior are vulnerable to integer overflow in mem_alloc, _lwmem_alloc and _partition functions. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-03T20:25:18.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04"
}
],
"solutions": [
{
"lang": "en",
"value": "Update NXP MQX to 5.1 or newer"
}
],
"source": {
"defect": [
"\u201cBadAlloc\u201d"
],
"discovery": "EXTERNAL"
},
"title": "NXP MQX Integer Overflow or Wraparound",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2021-22680",
"STATE": "PUBLIC",
"TITLE": "NXP MQX Integer Overflow or Wraparound"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MQX",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "5.1"
}
]
}
}
]
},
"vendor_name": "NXP"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "David Atch, Omri Ben Bassat, and Tamir Ariel from Microsoft Section 52, and the Azure Defender for IoT research group reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NXP MQX Versions 5.1 and prior are vulnerable to integer overflow in mem_alloc, _lwmem_alloc and _partition functions. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190 Integer Overflow or Wraparound"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04",
"refsource": "CONFIRM",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update NXP MQX to 5.1 or newer"
}
],
"source": {
"defect": [
"\u201cBadAlloc\u201d"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-22680",
"datePublished": "2022-05-03T20:25:18.000Z",
"dateReserved": "2021-01-05T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:24:38.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27421 (GCVE-0-2021-27421)
Vulnerability from cvelistv5 – Published: 2022-05-03 20:24 – Updated: 2025-04-16 16:24
- CWE-190 - Integer Overflow or Wraparound

| URL | Tags |
|---|---|
| https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04 | x_refsource_CONFIRM |
| https://mcuxpresso.nxp.com/en/welcome | x_refsource_CONFIRM |

| Vendor | Product | Version |
|---|---|---|
| NXP | MCUXpresso SDK | Affected: unspecified, < 2.8.2 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:48:17.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://mcuxpresso.nxp.com/en/welcome"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-27421",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T15:57:09.567914Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T16:24:46.545Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "MCUXpresso SDK",
"vendor": "NXP",
"versions": [
{
"lessThan": "2.8.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "David Atch, Omri Ben Bassat, and Tamir Ariel from Microsoft Section 52, and the Azure Defender for IoT research group reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"value": "NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to integer overflow in SDK_Malloc function, which could allow to access memory locations outside the bounds of a specified array, leading to unexpected behavior such segmentation fault when assigning a particular block of memory from the heap via malloc."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-03T20:24:23.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://mcuxpresso.nxp.com/en/welcome"
}
],
"solutions": [
{
"lang": "en",
"value": "Update NXP MCUXpresso SDK to 2.9.0 or later "
}
],
"source": {
"defect": [
"\u201cBadAlloc\u201d"
],
"discovery": "EXTERNAL"
},
"title": "NXP MCUXpresso SDK Integer Overflow or Wraparound",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2021-27421",
"STATE": "PUBLIC",
"TITLE": "NXP MCUXpresso SDK Integer Overflow or Wraparound"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "MCUXpresso SDK",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.8.2"
}
]
}
}
]
},
"vendor_name": "NXP"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "David Atch, Omri Ben Bassat, and Tamir Ariel from Microsoft Section 52, and the Azure Defender for IoT research group reported these vulnerabilities to CISA."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to integer overflow in SDK_Malloc function, which could allow to access memory locations outside the bounds of a specified array, leading to unexpected behavior such segmentation fault when assigning a particular block of memory from the heap via malloc."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190 Integer Overflow or Wraparound"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04",
"refsource": "CONFIRM",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04"
},
{
"name": "https://mcuxpresso.nxp.com/en/welcome",
"refsource": "CONFIRM",
"url": "https://mcuxpresso.nxp.com/en/welcome"
}
]
},
"solution": [
{
"lang": "en",
"value": "Update NXP MCUXpresso SDK to 2.9.0 or later "
}
],
"source": {
"defect": [
"\u201cBadAlloc\u201d"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-27421",
"datePublished": "2022-05-03T20:24:23.000Z",
"dateReserved": "2021-02-19T00:00:00.000Z",
"dateUpdated": "2025-04-16T16:24:46.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38260 (GCVE-0-2021-38260)
Vulnerability from cvelistv5 – Published: 2021-10-25 21:19 – Updated: 2024-08-04 01:37
- n/a
| URL | Tags |
|---|---|
| https://mcusec.github.io/vulnerabilities_details#… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:37:16.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://mcusec.github.io/vulnerabilities_details#nxp_usb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostParseDeviceConfigurationDescriptor()."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-25T21:19:14.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://mcusec.github.io/vulnerabilities_details#nxp_usb"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38260",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostParseDeviceConfigurationDescriptor()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://mcusec.github.io/vulnerabilities_details#nxp_usb",
"refsource": "MISC",
"url": "https://mcusec.github.io/vulnerabilities_details#nxp_usb"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38260",
"datePublished": "2021-10-25T21:19:14.000Z",
"dateReserved": "2021-08-09T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:37:16.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-38258 (GCVE-0-2021-38258)
Vulnerability from cvelistv5 – Published: 2021-10-25 21:19 – Updated: 2024-08-04 01:37
- n/a
| URL | Tags |
|---|---|
| https://mcusec.github.io/vulnerabilities_details#… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:37:16.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://mcusec.github.io/vulnerabilities_details#nxp_usb"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostProcessCallback()."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-25T21:19:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://mcusec.github.io/vulnerabilities_details#nxp_usb"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-38258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostProcessCallback()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://mcusec.github.io/vulnerabilities_details#nxp_usb",
"refsource": "MISC",
"url": "https://mcusec.github.io/vulnerabilities_details#nxp_usb"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-38258",
"datePublished": "2021-10-25T21:19:11.000Z",
"dateReserved": "2021-08-09T00:00:00.000Z",
"dateUpdated": "2024-08-04T01:37:16.362Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3011 (GCVE-0-2021-3011)
Vulnerability from cvelistv5 – Published: 2021-01-07 15:07 – Updated: 2024-08-03 16:45
- n/a
| URL | Tags |
|---|---|
| https://ninjalab.io/wp-content/uploads/2021/01/a_… | x_refsource_MISC |
| https://ninjalab.io/a-side-journey-to-titan/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:45:50.631Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ninjalab.io/a-side-journey-to-titan/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access (and consequently produce a clone). This was demonstrated on the Google Titan Security Key, based on an NXP A7005a chip. Other FIDO U2F security keys are also impacted (Yubico YubiKey Neo and Feitian K9, K13, K21, and K40) as well as several NXP JavaCard smartcards (J3A081, J2A081, J3A041, J3D145_M59, J2D145_M59, J3D120_M60, J3D082_M60, J2D120_M60, J2D082_M60, J3D081_M59, J2D081_M59, J3D081_M61, J2D081_M61, J3D081_M59_DF, J3D081_M61_DF, J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66, J3E016_M64, J3E041_M64, J3E145_M64, J3E120_M65, J3E082_M65, J2E145_M64, J2E120_M65, J2E082_M65, J3E081_M64_DF, J3E081_M66_DF, J3E041_M66_DF, J3E016_M66_DF, J3E041_M64_DF, and J3E016_M64_DF)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-07T15:07:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ninjalab.io/a-side-journey-to-titan/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-3011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. It allows attackers to extract the ECDSA private key after extensive physical access (and consequently produce a clone). This was demonstrated on the Google Titan Security Key, based on an NXP A7005a chip. Other FIDO U2F security keys are also impacted (Yubico YubiKey Neo and Feitian K9, K13, K21, and K40) as well as several NXP JavaCard smartcards (J3A081, J2A081, J3A041, J3D145_M59, J2D145_M59, J3D120_M60, J3D082_M60, J2D120_M60, J2D082_M60, J3D081_M59, J2D081_M59, J3D081_M61, J2D081_M61, J3D081_M59_DF, J3D081_M61_DF, J3E081_M64, J3E081_M66, J2E081_M64, J3E041_M66, J3E016_M66, J3E016_M64, J3E041_M64, J3E145_M64, J3E120_M65, J3E082_M65, J2E145_M64, J2E120_M65, J2E082_M65, J3E081_M64_DF, J3E081_M66_DF, J3E041_M66_DF, J3E016_M66_DF, J3E041_M64_DF, and J3E016_M64_DF)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf",
"refsource": "MISC",
"url": "https://ninjalab.io/wp-content/uploads/2021/01/a_side_journey_to_titan.pdf"
},
{
"name": "https://ninjalab.io/a-side-journey-to-titan/",
"refsource": "MISC",
"url": "https://ninjalab.io/a-side-journey-to-titan/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-3011",
"datePublished": "2021-01-07T15:07:18.000Z",
"dateReserved": "2021-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-03T16:45:50.631Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}