CVE-2017-18347 Information
Feb 14, 2021
cve
Description
Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device’s protected firmware via a special sequence of Serial Wire Debug (SWD) commands because there is a race condition between full initialization of the SWD interface and the setup of flash protection.
CVSS Vector
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Reference
https://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-cracked-on-stm32 https://www.aisec.fraunhofer.de/en/FirmwareProtection.html https://www.usenix.org/conference/woot17/workshop-program/presentation/obermaier
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
NONE
Base Score
NONE
Base Severity
4.6
Share on: