Vulnerabilities related to nxp - lpc55s69jbd64_firmware
Vulnerability from fkie_nvd
Published
2022-03-23 22:15
Modified
2024-11-21 06:47
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100, and LPC55S69JEV98 microcontrollers (ROM version 1B) have a buffer overflow in parsing SB2 updates before the signature is verified. This can allow an attacker to achieve non-persistent code execution via a crafted unsigned update.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://oxide.computer/blog/another-vulnerability-in-the-lpc55s69-rom | Exploit, Third Party Advisory | |
cve@mitre.org | https://www.nxp.com | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://oxide.computer/blog/another-vulnerability-in-the-lpc55s69-rom | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.nxp.com | Vendor Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
nxp | lpc55s66jbd64_firmware | - | |
nxp | lpc55s66jbd64 | - | |
nxp | lpc55s66jbd100_firmware | - | |
nxp | lpc55s66jbd100 | - | |
nxp | lpc55s66jev98_firmware | - | |
nxp | lpc55s66jev98 | - | |
nxp | lpc55s69jbd64_firmware | - | |
nxp | lpc55s69jbd64 | - | |
nxp | lpc55s69jbd100_firmware | - | |
nxp | lpc55s69jbd100 | - | |
nxp | lpc55s69jev98_firmware | - | |
nxp | lpc55s69jev98 | - |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s66jbd64_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0C5709A1-1B83-4DDC-B3DC-336867D318DA", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s66jbd64:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD4A2DDD-E476-46D6-B715-ABFD2DBC1D88", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s66jbd100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B09DE32B-7CA7-4737-AF06-90B864A50A85", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s66jbd100:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1198FA4-CE4B-4637-B5EF-ED7C7F244DFD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s66jev98_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CF7610B9-70B5-451E-ABC6-A447B2AC6FDF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s66jev98:-:*:*:*:*:*:*:*", "matchCriteriaId": "26327E81-0B45-4184-B42F-6497F840230D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s69jbd64_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "18444119-AF09-496A-A3EF-9417DE557916", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s69jbd64:-:*:*:*:*:*:*:*", "matchCriteriaId": "785D9828-78BB-43C8-98E9-1AFDD717751F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s69jbd100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C01C4752-62DA-432C-A802-F9478F06CAAF", "vulnerable": true } ], "negate": false, "operator": 
"OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s69jbd100:-:*:*:*:*:*:*:*", "matchCriteriaId": "3C80F79A-520A-4A03-9D1A-8001DB385DBC", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s69jev98_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "25C0290C-529A-42C8-AF2E-B26462E3824C", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s69jev98:-:*:*:*:*:*:*:*", "matchCriteriaId": "D7511FE0-734D-48E4-8F80-06992AE21C76", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100, and LPC55S69JEV98 microcontrollers (ROM version 1B) have a buffer overflow in parsing SB2 updates before the signature is verified. This can allow an attacker to achieve non-persistent code execution via a crafted unsigned update." }, { "lang": "es", "value": "Los microcontroladores NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100 y LPC55S69JEV98 (versi\u00f3n ROM 1B), presentan un desbordamiento de b\u00fafer al analizar las actualizaciones SB2 antes de verificar la firma. 
Esto puede permitir a un atacante lograr una ejecuci\u00f3n de c\u00f3digo no persistente por medio de una actualizaci\u00f3n sin firma dise\u00f1ada" } ], "id": "CVE-2022-22819", "lastModified": "2024-11-21T06:47:30.853", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-03-23T22:15:13.097", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://oxide.computer/blog/another-vulnerability-in-the-lpc55s69-rom" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.nxp.com" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://oxide.computer/blog/another-vulnerability-in-the-lpc55s69-rom" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.nxp.com" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { 
"lang": "en", "value": "CWE-120" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-12-01 15:15
Modified
2024-11-21 06:23
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
NXP LPC55S69 devices before A3 have a buffer over-read via a crafted wlength value in a GET Descriptor Configuration request during use of USB In-System Programming (ISP) mode. This discloses protected flash memory.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/Xen1thLabs-AE/CVE-2021-40154 | Third Party Advisory | |
cve@mitre.org | https://www.darkmatter.ae/xen1thlabs/published-advisories/ | Broken Link, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/Xen1thLabs-AE/CVE-2021-40154 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.darkmatter.ae/xen1thlabs/published-advisories/ | Broken Link, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
nxp | lpc55s69jbd100_firmware | - | |
nxp | lpc55s69jbd100 | 0a | |
nxp | lpc55s69jbd100_firmware | - | |
nxp | lpc55s69jbd100 | 1b | |
nxp | lpc55s69jbd64_firmware | - | |
nxp | lpc55s69jbd64 | 0a | |
nxp | lpc55s69jbd64_firmware | - | |
nxp | lpc55s69jbd64 | 1b | |
nxp | lpc55s69jev98_firmware | - | |
nxp | lpc55s69jev98 | 0a | |
nxp | lpc55s69jev98_firmware | - | |
nxp | lpc55s69jev98 | 1b |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s69jbd100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C01C4752-62DA-432C-A802-F9478F06CAAF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s69jbd100:0a:*:*:*:*:*:*:*", "matchCriteriaId": "EAD0A6CB-74C5-4D26-A8AD-33BED194D6A5", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s69jbd100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C01C4752-62DA-432C-A802-F9478F06CAAF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s69jbd100:1b:*:*:*:*:*:*:*", "matchCriteriaId": "E045483A-280E-4A52-AB78-AB646C5D1AE3", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s69jbd64_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "18444119-AF09-496A-A3EF-9417DE557916", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s69jbd64:0a:*:*:*:*:*:*:*", "matchCriteriaId": "F4C7E243-8350-437B-A287-F874C39353C0", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s69jbd64_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "18444119-AF09-496A-A3EF-9417DE557916", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s69jbd64:1b:*:*:*:*:*:*:*", "matchCriteriaId": "B72B96A2-11BB-491F-908D-9744B64B83AB", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s69jev98_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "25C0290C-529A-42C8-AF2E-B26462E3824C", "vulnerable": true } ], "negate": false, 
"operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s69jev98:0a:*:*:*:*:*:*:*", "matchCriteriaId": "A23F037B-E7D1-4BAC-AB4B-09CD8F8F77F6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s69jev98_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "25C0290C-529A-42C8-AF2E-B26462E3824C", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s69jev98:1b:*:*:*:*:*:*:*", "matchCriteriaId": "37881CE5-1909-48D0-9BED-4031E520DE0F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "NXP LPC55S69 devices before A3 have a buffer over-read via a crafted wlength value in a GET Descriptor Configuration request during use of USB In-System Programming (ISP) mode. This discloses protected flash memory." }, { "lang": "es", "value": "Los dispositivos NXP LPC55S69 versiones anteriores a A3, presentan una lectura excesiva del b\u00fafer por medio de un valor wlength dise\u00f1ado en una petici\u00f3n GET Descriptor Configuration durante el uso del modo USB In-System Programming (ISP). 
Esto revela la memoria flash protegida" } ], "id": "CVE-2021-40154", "lastModified": "2024-11-21T06:23:40.750", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 4.2, "source": "cve@mitre.org", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-12-01T15:15:07.603", "references": [ { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Xen1thLabs-AE/CVE-2021-40154" }, { "source": "cve@mitre.org", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://www.darkmatter.ae/xen1thlabs/published-advisories/" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/Xen1thLabs-AE/CVE-2021-40154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link", "Third Party Advisory" ], "url": "https://www.darkmatter.ae/xen1thlabs/published-advisories/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-125" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-05-06 13:15
Modified
2024-11-21 06:05
Severity ?
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
NXP LPC55S6x microcontrollers (0A and 1B), i.MX RT500 (silicon rev B1 and B2), i.MX RT600 (silicon rev A0, B0), LPC55S6x, LPC55S2x, LPC552x (silicon rev 0A, 1B), LPC55S1x, LPC551x (silicon rev 0A) and LPC55S0x, LPC550x (silicon rev 0A) include an undocumented ROM patch peripheral that allows unsigned, non-persistent modification of the internal ROM.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://oxide.computer/blog/lpc55/ | Exploit, Third Party Advisory | |
cve@mitre.org | https://www.nxp.com | Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://oxide.computer/blog/lpc55/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.nxp.com | Vendor Advisory |
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s69jbd100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C01C4752-62DA-432C-A802-F9478F06CAAF", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s69jbd100:0a:*:*:*:*:*:*:*", "matchCriteriaId": "EAD0A6CB-74C5-4D26-A8AD-33BED194D6A5", "vulnerable": false }, { "criteria": "cpe:2.3:h:nxp:lpc55s69jbd100:1b:*:*:*:*:*:*:*", "matchCriteriaId": "E045483A-280E-4A52-AB78-AB646C5D1AE3", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s66jbd100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B09DE32B-7CA7-4737-AF06-90B864A50A85", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s66jbd100:0a:*:*:*:*:*:*:*", "matchCriteriaId": "01FE85F9-561D-40D4-BA58-53E4709EBAB0", "vulnerable": false }, { "criteria": "cpe:2.3:h:nxp:lpc55s66jbd100:1b:*:*:*:*:*:*:*", "matchCriteriaId": "3790AA82-3918-4697-BAAF-7AD09A79D77C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s69jev98_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "25C0290C-529A-42C8-AF2E-B26462E3824C", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s69jev98:0a:*:*:*:*:*:*:*", "matchCriteriaId": "A23F037B-E7D1-4BAC-AB4B-09CD8F8F77F6", "vulnerable": false }, { "criteria": "cpe:2.3:h:nxp:lpc55s69jev98:1b:*:*:*:*:*:*:*", "matchCriteriaId": "37881CE5-1909-48D0-9BED-4031E520DE0F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpcs66jev98_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "267460F6-E63B-4B62-AD1F-2445CD90F011", "vulnerable": true } ], "negate": false, "operator": "OR" }, 
{ "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpcs66jev98:0a:*:*:*:*:*:*:*", "matchCriteriaId": "E95E7987-A8BB-4194-8850-5607E5BCE2EC", "vulnerable": false }, { "criteria": "cpe:2.3:h:nxp:lpcs66jev98:1b:*:*:*:*:*:*:*", "matchCriteriaId": "680C23F3-A50D-427F-8560-A512AE01ECD4", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s69jbd64_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "18444119-AF09-496A-A3EF-9417DE557916", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s69jbd64:0a:*:*:*:*:*:*:*", "matchCriteriaId": "F4C7E243-8350-437B-A287-F874C39353C0", "vulnerable": false }, { "criteria": "cpe:2.3:h:nxp:lpc55s69jbd64:1b:*:*:*:*:*:*:*", "matchCriteriaId": "B72B96A2-11BB-491F-908D-9744B64B83AB", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpcs66jbd64_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "70132218-3326-40B3-AC85-4679CF7A87F4", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpcs66jbd64:0a:*:*:*:*:*:*:*", "matchCriteriaId": "22DEEEC1-0213-4D06-96AE-F636CFDCE77C", "vulnerable": false }, { "criteria": "cpe:2.3:h:nxp:lpcs66jbd64:1b:*:*:*:*:*:*:*", "matchCriteriaId": "62BE7068-1ADF-48BF-B87F-4C704A1161FA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:i.mx_rt500_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A1A7E9E-9B0A-48CB-BD8D-DD700920DCA6", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:i.mx_rt500:b1:*:*:*:*:*:*:*", "matchCriteriaId": "39D87D58-5444-4D80-BCBB-34C9F0AEDF6A", "vulnerable": false }, { "criteria": "cpe:2.3:h:nxp:i.mx_rt500:b2:*:*:*:*:*:*:*", "matchCriteriaId": 
"6E595E45-0858-471F-B1AC-81761977966F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:i.mx_rt600_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2C26E5AD-E6B3-44A3-910E-EFC4F6F6B94D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:i.mx_rt600:a0:*:*:*:*:*:*:*", "matchCriteriaId": "DF5618FA-901B-448A-9A2D-86430F08707D", "vulnerable": false }, { "criteria": "cpe:2.3:h:nxp:i.mx_rt600:b0:*:*:*:*:*:*:*", "matchCriteriaId": "D6B6B59D-9C34-4A27-8567-37E50F82854E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s28_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CCAACEE-6A62-46BF-96A3-0EE2584828C8", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s28:0a:*:*:*:*:*:*:*", "matchCriteriaId": "F88B2385-8C4B-4A98-9255-2D99234A13C9", "vulnerable": false }, { "criteria": "cpe:2.3:h:nxp:lpc55s28:1b:*:*:*:*:*:*:*", "matchCriteriaId": "59AC6614-A200-4545-91ED-D105CA38249C", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s26_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "473FED2F-64C5-4D95-AB32-FD0E00CAA919", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s26:0a:*:*:*:*:*:*:*", "matchCriteriaId": "794BBCDF-C65B-4B5E-9DCE-6277B0706E82", "vulnerable": false }, { "criteria": "cpe:2.3:h:nxp:lpc55s26:1b:*:*:*:*:*:*:*", "matchCriteriaId": "29528CB4-B0B9-4CF1-80DB-E2FFFC225262", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc5528_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3407A7AB-16F5-4665-8629-6196D8D228B6", 
"vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc5528:0a:*:*:*:*:*:*:*", "matchCriteriaId": "1F1DB2CD-8F26-4AF1-B85E-39E26666F0A0", "vulnerable": false }, { "criteria": "cpe:2.3:h:nxp:lpc5528:1b:*:*:*:*:*:*:*", "matchCriteriaId": "C442D5D4-A570-47AE-9BF7-218A2DA81A21", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc5526_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA772B1E-9936-40BD-974F-D181BE6763E5", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc5526:0a:*:*:*:*:*:*:*", "matchCriteriaId": "228ED399-9C9C-4405-965E-1EF7FF55B906", "vulnerable": false }, { "criteria": "cpe:2.3:h:nxp:lpc5526:1b:*:*:*:*:*:*:*", "matchCriteriaId": "D23F0069-812A-4AA5-8A18-B35E8E996DD2", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s16jbd100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6D8DA850-A3E9-4E2A-AA33-FCA8ED6AA800", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s16jbd100:0a:*:*:*:*:*:*:*", "matchCriteriaId": "5C5796D8-5009-4C6F-92A0-D8C418967EE6", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s16jev98_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7210AB3-E010-4B8B-AC2C-7BF93D2DAABA", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s16jev98:0a:*:*:*:*:*:*:*", "matchCriteriaId": "9D214191-EF7A-48D9-94CF-123523716EA7", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s16jbd64_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": 
"C482AFCA-581A-4CEE-B54B-9A9CB85D709A", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s16jbd64:0a:*:*:*:*:*:*:*", "matchCriteriaId": "F945B88A-EAAF-486E-86BD-8D6C6529607A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s14jbd100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3FDB619D-729E-4B94-8F73-06DA57C4B428", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s14jbd100:0a:*:*:*:*:*:*:*", "matchCriteriaId": "FD9463A7-7B4A-4E1B-873C-72A80ED05DDA", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc55s14jbd64_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B93246FF-501C-4162-A978-C9B99A4169D1", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc55s14jbd64:0a:*:*:*:*:*:*:*", "matchCriteriaId": "EE36A31D-5ADB-455E-96E0-6A42ABBBCE7A", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc5516jbd100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "48623257-530E-4FE4-ABDB-1DBD826BB870", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc5516jbd100:0a:*:*:*:*:*:*:*", "matchCriteriaId": "C02E13E7-9C52-43EE-B25D-F299B3165990", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc5516jev98_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1BA31AE2-362F-42E0-ADB1-8B4E722B4E19", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc5516jev98:0a:*:*:*:*:*:*:*", "matchCriteriaId": 
"B5BAC590-3D4D-4796-B03D-3A9A89FEBA1E", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc5516jbd64_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "50390641-708D-4724-B52B-B5E515A03B9B", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc5516jbd64:0a:*:*:*:*:*:*:*", "matchCriteriaId": "0F44502F-A383-4106-ADDE-CC2C694A3AA7", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc5514jbd100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "152F6782-A179-465F-A430-90E1CAF0A87A", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc5514jbd100:0a:*:*:*:*:*:*:*", "matchCriteriaId": "8150A237-B3B9-4B63-AEFF-3A74138EE8B8", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc5514jbd64_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1237E77E-4E08-47F2-A6E2-D9159F32429D", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc5514jbd64:0a:*:*:*:*:*:*:*", "matchCriteriaId": "B26333DB-B724-4CA2-915F-AE5F017D99AD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc5512jbd100_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5ABFA071-EB5F-4041-B0A2-C7BEA7BAF1FD", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc5512jbd100:0a:*:*:*:*:*:*:*", "matchCriteriaId": "3D2A7874-E35A-483E-9389-1258E4B85BCD", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:o:nxp:lpc5512jbd64_firmware:-:*:*:*:*:*:*:*", 
"matchCriteriaId": "343A3A84-E70D-48F8-8B20-7340DB918BEC", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:h:nxp:lpc5512jbd64:0a:*:*:*:*:*:*:*", "matchCriteriaId": "39E99A86-7BAC-4B3E-8785-389F0DE262A7", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "NXP LPC55S6x microcontrollers (0A and 1B), i.MX RT500 (silicon rev B1 and B2), i.MX RT600 (silicon rev A0, B0), LPC55S6x, LPC55S2x, LPC552x (silicon rev 0A, 1B), LPC55S1x, LPC551x (silicon rev 0A) and LPC55S0x, LPC550x (silicon rev 0A) include an undocumented ROM patch peripheral that allows unsigned, non-persistent modification of the internal ROM." }, { "lang": "es", "value": "Microcontroladores NXP LPC55S6x (0A y 1B), i.MX RT500 (silicio rev B1 y B2), i. MX RT600 (silicio rev A0, B0), LPC55S6x, LPC55S2x, LPC552x (silicio rev 0A, 1B), LPC55S1x, LPC551x (silicio rev 0A) y LPC55S0x, LPC550x (silicio rev 0A) incluyen un perif\u00e9rico de parcheo de ROM no documentado que permite la modificaci\u00f3n sin firma y no persistente de la ROM interna" } ], "id": "CVE-2021-31532", "lastModified": "2024-11-21T06:05:51.807", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": 
"HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-05-06T13:15:12.667", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://oxide.computer/blog/lpc55/" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "https://www.nxp.com" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://oxide.computer/blog/lpc55/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://www.nxp.com" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2021-40154 (GCVE-0-2021-40154)
Vulnerability from cvelistv5
Published
2021-12-01 14:50
Modified
2024-08-04 02:27
Severity ?
6.1 (Medium) - CVSS:3.1/AC:L/AV:L/A:L/C:H/I:N/PR:L/S:U/UI:N
CWE
- n/a
Summary
NXP LPC55S69 devices before A3 have a buffer over-read via a crafted wlength value in a GET Descriptor Configuration request during use of USB In-System Programming (ISP) mode. This discloses protected flash memory.
References
▼ | URL | Tags |
---|---|---|
https://www.darkmatter.ae/xen1thlabs/published-advisories/ | x_refsource_MISC | |
https://github.com/Xen1thLabs-AE/CVE-2021-40154 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T02:27:31.524Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.darkmatter.ae/xen1thlabs/published-advisories/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Xen1thLabs-AE/CVE-2021-40154" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "NXP LPC55S69 devices before A3 have a buffer over-read via a crafted wlength value in a GET Descriptor Configuration request during use of USB In-System Programming (ISP) mode. This discloses protected flash memory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AC:L/AV:L/A:L/C:H/I:N/PR:L/S:U/UI:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-12-01T14:50:48", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.darkmatter.ae/xen1thlabs/published-advisories/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Xen1thLabs-AE/CVE-2021-40154" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-40154", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, 
"data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NXP LPC55S69 devices before A3 have a buffer over-read via a crafted wlength value in a GET Descriptor Configuration request during use of USB In-System Programming (ISP) mode. This discloses protected flash memory." } ] }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AC:L/AV:L/A:L/C:H/I:N/PR:L/S:U/UI:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.darkmatter.ae/xen1thlabs/published-advisories/", "refsource": "MISC", "url": "https://www.darkmatter.ae/xen1thlabs/published-advisories/" }, { "name": "https://github.com/Xen1thLabs-AE/CVE-2021-40154", "refsource": "MISC", "url": "https://github.com/Xen1thLabs-AE/CVE-2021-40154" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-40154", "datePublished": "2021-12-01T14:50:48", "dateReserved": "2021-08-27T00:00:00", "dateUpdated": "2024-08-04T02:27:31.524Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-31532 (GCVE-0-2021-31532)
Vulnerability from cvelistv5
Published
2021-05-06 10:49
Modified
2024-08-03 23:03
CWE
- n/a
Summary
NXP LPC55S6x microcontrollers (0A and 1B), i.MX RT500 (silicon rev B1 and B2), i.MX RT600 (silicon rev A0, B0), LPC55S6x, LPC55S2x, LPC552x (silicon rev 0A, 1B), LPC55S1x, LPC551x (silicon rev 0A) and LPC55S0x, LPC550x (silicon rev 0A) include an undocumented ROM patch peripheral that allows unsigned, non-persistent modification of the internal ROM.
References
| URL | Tags |
|---|---|
| https://www.nxp.com | x_refsource_MISC |
| https://oxide.computer/blog/lpc55/ | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T23:03:33.271Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.nxp.com" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://oxide.computer/blog/lpc55/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "NXP LPC55S6x microcontrollers (0A and 1B), i.MX RT500 (silicon rev B1 and B2), i.MX RT600 (silicon rev A0, B0), LPC55S6x, LPC55S2x, LPC552x (silicon rev 0A, 1B), LPC55S1x, LPC551x (silicon rev 0A) and LPC55S0x, LPC550x (silicon rev 0A) include an undocumented ROM patch peripheral that allows unsigned, non-persistent modification of the internal ROM." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-09T19:05:18", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.nxp.com" }, { "tags": [ "x_refsource_MISC" ], "url": "https://oxide.computer/blog/lpc55/" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-31532", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NXP LPC55S6x microcontrollers (0A and 1B), i.MX RT500 (silicon rev B1 and B2), i.MX RT600 (silicon rev A0, B0), LPC55S6x, LPC55S2x, LPC552x (silicon rev 0A, 1B), LPC55S1x, LPC551x (silicon rev 0A) and LPC55S0x, LPC550x 
(silicon rev 0A) include an undocumented ROM patch peripheral that allows unsigned, non-persistent modification of the internal ROM." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.nxp.com", "refsource": "MISC", "url": "https://www.nxp.com" }, { "name": "https://oxide.computer/blog/lpc55/", "refsource": "MISC", "url": "https://oxide.computer/blog/lpc55/" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-31532", "datePublished": "2021-05-06T10:49:11", "dateReserved": "2021-04-21T00:00:00", "dateUpdated": "2024-08-03T23:03:33.271Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-22819 (GCVE-0-2022-22819)
Vulnerability from cvelistv5
Published
2022-03-23 21:13
Modified
2024-08-03 03:21
CWE
- n/a
Summary
NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100, and LPC55S69JEV98 microcontrollers (ROM version 1B) have a buffer overflow in parsing SB2 updates before the signature is verified. This can allow an attacker to achieve non-persistent code execution via a crafted unsigned update.
References
| URL | Tags |
|---|---|
| https://www.nxp.com | x_refsource_MISC |
| https://oxide.computer/blog/another-vulnerability-in-the-lpc55s69-rom | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:21:49.121Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.nxp.com" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://oxide.computer/blog/another-vulnerability-in-the-lpc55s69-rom" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100, and LPC55S69JEV98 microcontrollers (ROM version 1B) have a buffer overflow in parsing SB2 updates before the signature is verified. This can allow an attacker to achieve non-persistent code execution via a crafted unsigned update." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-23T21:13:46", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.nxp.com" }, { "tags": [ "x_refsource_MISC" ], "url": "https://oxide.computer/blog/another-vulnerability-in-the-lpc55s69-rom" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-22819", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100, and LPC55S69JEV98 microcontrollers (ROM version 1B) have a buffer overflow in parsing SB2 updates before the 
signature is verified. This can allow an attacker to achieve non-persistent code execution via a crafted unsigned update." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.nxp.com", "refsource": "MISC", "url": "https://www.nxp.com" }, { "name": "https://oxide.computer/blog/another-vulnerability-in-the-lpc55s69-rom", "refsource": "MISC", "url": "https://oxide.computer/blog/another-vulnerability-in-the-lpc55s69-rom" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-22819", "datePublished": "2022-03-23T21:13:46", "dateReserved": "2022-01-07T00:00:00", "dateUpdated": "2024-08-03T03:21:49.121Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }