Skip to main content

Stm32L1 Firmware

2 CVEs product

Monthly

CVE-2019-14238 MEDIUM POC This Month

On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Stm32L0 Firmware Stm32L1 Firmware Stm32F4 Firmware Stm32L4 Firmware +2
NVD
CVSS 3.1
6.6
EPSS
0.4%
CVE-2019-14236 CRITICAL POC Act Now

On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated by observing CPU. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Stm32L0 Firmware Stm32L1 Firmware Stm32F4 Firmware Stm32L4 Firmware +2
NVD
CVSS 3.1
9.8
EPSS
2.3%
EPSS 0% CVSS 6.6
MEDIUM POC This Month

On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Stm32L0 Firmware Stm32L1 Firmware +4
NVD
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated by observing CPU. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Stm32L0 Firmware Stm32L1 Firmware +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy