Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.6
CVSSv3

CVE-2017-18347

Published: 12/09/2018 Updated: 04/05/2021
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 4.6 | Impact Score: 3.6 | Exploitability Score: 0.9
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N
Subscribe to St

Vulnerability Summary

Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present malicious users to extract the device's protected firmware via a special sequence of Serial Wire Debug (SWD) commands because there is a race condition between full initialization of the SWD interface and the setup of flash protection.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

st stm32f071rb_firmware -

st stm32f071v8_firmware -

st stm32f071vb_firmware -

st stm32f072c8_firmware -

st stm32f072cb_firmware -

st stm32f072r8_firmware -

st stm32f072rb_firmware -

st stm32f072v8_firmware -

st stm32f072vb_firmware -

st stm32f078cb_firmware -

st stm32f078rb_firmware -

st stm32f078vb_firmware -

st stm32f091cb_firmware -

st stm32f091cc_firmware -

st stm32f091rb_firmware -

st stm32f091rc_firmware -

st stm32f091vb_firmware -

st stm32f091vc_firmware -

st stm32f098cc_firmware -

st stm32f098rc_firmware -

st stm32f098vc_firmware -

st stm32f070c6_firmware -

st stm32f070cb_firmware -

st stm32f070f6_firmware -

st stm32f070rb_firmware -

st stm32f071c8_firmware -

st stm32f071cb_firmware -

st stm32f051t8_firmware -

st stm32f058c8_firmware -

st stm32f058r8_firmware -

st stm32f058t8_firmware -

st stm32f051k4_firmware -

st stm32f051k6_firmware -

st stm32f051k8_firmware -

st stm32f051r4_firmware -

st stm32f051r6_firmware -

st stm32f051r8_firmware -

st stm32f042t6_firmware -

st stm32f048c6_firmware -

st stm32f048g6_firmware -

st stm32f048t6_firmware -

st stm32f051c4_firmware -

st stm32f051c6_firmware -

st stm32f051c8_firmware -

st stm32f042f4_firmware -

st stm32f042f6_firmware -

st stm32f042g4_firmware -

st stm32f042g6_firmware -

st stm32f042k4_firmware -

st stm32f042k6_firmware -

st stm32f038c6_firmware -

st stm32f038e6_firmware -

st stm32f038f6_firmware -

st stm32f038g6_firmware -

st stm32f038k6_firmware -

st stm32f042c4_firmware -

st stm32f042c6_firmware -

st stm32f031e6_firmware -

st stm32f031f4_firmware -

st stm32f031f6_firmware -

st stm32f031g4_firmware -

st stm32f031g6_firmware -

st stm32f031k4_firmware -

st stm32f030f4_firmware -

st stm32f030k6_firmware -

st stm32f030r8_firmware -

st stm32f030rc_firmware -

st stm32f031c4_firmware -

st stm32f031c6_firmware -

st stm32f030c6_firmware -

st stm32f030c8_firmware -

st stm32f030cc_firmware -

References

CWE-362https://www.usenix.org/conference/woot17/workshop-program/presentation/obermaierhttps://www.aisec.fraunhofer.de/en/FirmwareProtection.htmlhttps://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-cracked-on-stm32https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
client sideCVE-2023-31889template injectionCVE-2024-4304CVE-2006-4304CVE-2024-33272type confusionCVE-2024-21345CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook