CVE-2021-31532 - NXP LPC55S6x microcontrollers (0A and 1B), i.MX RT500 (silicon rev B1 and B2), i.MX RT600 (silicon r

CVE-2021-31532

Summary

NXP LPC55S6x microcontrollers (0A and 1B), i.MX RT500 (silicon rev B1 and B2), i.MX RT600 (silicon rev A0, B0), LPC55S6x, LPC55S2x, LPC552x (silicon rev 0A, 1B), LPC55S1x, LPC551x (silicon rev 0A) and LPC55S0x, LPC550x (silicon rev 0A) include an undocumented ROM patch peripheral that allows unsigned, non-persistent modification of the internal ROM.

References

Vulnerable Configurations

cpe:2.3:o:nxp:lpc55s69jbd100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s69jbd100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s69jbd100:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s69jbd100:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s69jbd100:1b:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s69jbd100:1b:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s66jbd100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s66jbd100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s66jbd100:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s66jbd100:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s66jbd100:1b:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s66jbd100:1b:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s69jev98_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s69jev98_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s69jev98:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s69jev98:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s69jev98:1b:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s69jev98:1b:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpcs66jev98_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpcs66jev98_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpcs66jev98:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpcs66jev98:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpcs66jev98:1b:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpcs66jev98:1b:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s69jbd64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s69jbd64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s69jbd64:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s69jbd64:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s69jbd64:1b:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s69jbd64:1b:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpcs66jbd64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpcs66jbd64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpcs66jbd64:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpcs66jbd64:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpcs66jbd64:1b:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpcs66jbd64:1b:*:*:*:*:*:*:*
cpe:2.3:o:nxp:i.mx_rt500_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:i.mx_rt500_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:i.mx_rt500:b1:*:*:*:*:*:*:*
cpe:2.3:h:nxp:i.mx_rt500:b1:*:*:*:*:*:*:*
cpe:2.3:h:nxp:i.mx_rt500:b2:*:*:*:*:*:*:*
cpe:2.3:h:nxp:i.mx_rt500:b2:*:*:*:*:*:*:*
cpe:2.3:o:nxp:i.mx_rt600_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:i.mx_rt600_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:i.mx_rt600:a0:*:*:*:*:*:*:*
cpe:2.3:h:nxp:i.mx_rt600:a0:*:*:*:*:*:*:*
cpe:2.3:h:nxp:i.mx_rt600:b0:*:*:*:*:*:*:*
cpe:2.3:h:nxp:i.mx_rt600:b0:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s28_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s28_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s28:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s28:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s28:1b:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s28:1b:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s26_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s26_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s26:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s26:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s26:1b:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s26:1b:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5528_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5528_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5528:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5528:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5528:1b:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5528:1b:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5526_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5526_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5526:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5526:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5526:1b:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5526:1b:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s16jbd100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s16jbd100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s16jbd100:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s16jbd100:0a:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s16jev98_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s16jev98_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s16jev98:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s16jev98:0a:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s16jbd64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s16jbd64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s16jbd64:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s16jbd64:0a:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s14jbd100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s14jbd100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s14jbd100:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s14jbd100:0a:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s14jbd64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc55s14jbd64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s14jbd64:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc55s14jbd64:0a:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5516jbd100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5516jbd100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5516jbd100:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5516jbd100:0a:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5516jev98_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5516jev98_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5516jev98:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5516jev98:0a:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5516jbd64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5516jbd64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5516jbd64:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5516jbd64:0a:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5514jbd100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5514jbd100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5514jbd100:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5514jbd100:0a:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5514jbd64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5514jbd64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5514jbd64:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5514jbd64:0a:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5512jbd100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5512jbd100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5512jbd100:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5512jbd100:0a:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5512jbd64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:nxp:lpc5512jbd64_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5512jbd64:0a:*:*:*:*:*:*:*
cpe:2.3:h:nxp:lpc5512jbd64:0a:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 12-07-2022 - 17:42)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

Last major update

12-07-2022 - 17:42

Published

06-05-2021 - 13:15

Last modified

12-07-2022 - 17:42