CVE-2021-31532 Information
Jun 07, 2022
cve
Description
NXP LPC55S6x microcontrollers (0A and 1B) i.MX RT500 (silicon rev B1 and B2) i.MX RT600 (silicon rev A0 B0) LPC55S6x LPC55S2x LPC552x (silicon rev 0A 1B) LPC55S1x LPC551x (silicon rev 0A) and LPC55S0x LPC550x (silicon rev 0A) include an undocumented ROM patch peripheral that allows unsigned non-persistent modification of the internal ROM.
CVSS Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Reference
https://oxide.computer/blog/lpc55/ https://www.nxp.com
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
6.8
Share on: