var-201708-1391
Vulnerability from variot
An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image. plural NXP i.MX and Vybrid The product contains a certificate validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NXPi.MX50 and so on are different series of microprocessor products from NXPSemiconductors of the Netherlands. There are security vulnerabilities in several NXPi.MX products due to the program failing to properly validate the certificate. Failed exploit attempts will likely cause a denial-of-service condition. The following devices are affected: NXP i.MX 28, i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i. MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1391",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i.mx 50",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 53",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6ultralite",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf62nn151cmk40",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6solo",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf61ns151cmk50",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf61nn151cmk50",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6ull",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6sololite",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60nn151cmk40",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60ns151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50nn151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf51nn151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60nn151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50ns151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50ns151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf30ns151cku26",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6duallite",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6dual",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 7dual",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6quadplus",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 28",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50nn151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 7solo",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6quad",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6solox",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf51ns151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6dualplus",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60ns151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf30nn151cku26",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 28",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 53",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6dual",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6duallite",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6dualplus",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6quad",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6quadplus",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6solo",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6sololite",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6solox",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6ull",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6ultralite",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 7dual",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 7solo",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf30nn151cku26",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf30ns151cku26",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50nn151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50ns151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf51nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf51ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60nn151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60ns151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf61nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf61ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf62nn151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "semiconductors i.mx",
"scope": "eq",
"trust": 0.6,
"vendor": "nxp",
"version": "50"
},
{
"model": "semiconductors i.mx",
"scope": "eq",
"trust": 0.6,
"vendor": "nxp",
"version": "53"
},
{
"model": "semiconductors i.mx 6ull",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6ultralite",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6sololite",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6solo",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6duallite",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6quad",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6solox",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6dual",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6dualplus",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6quadplus",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf3xx",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf5xx",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf6xx",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx",
"scope": "eq",
"trust": 0.6,
"vendor": "nxp",
"version": "28"
},
{
"model": "semiconductors i.mx 7solo",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 7dual",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf5xx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors vybrid vf3xx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors mifare ultralight",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors mifare reader components",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors mifare desfire ev1",
"scope": null,
"trust": 0.3,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors mifare classic",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 7solo",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 7dual",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6ultralite",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6ull",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6solox",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6sololite",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6solo",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6quadplus",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6quad",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6dualplus",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6duallite",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6dual",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "530"
},
{
"model": "semiconductors imx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "500"
},
{
"model": "semiconductors imx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "280"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf30nn151cku26",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60ns151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf61nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf61ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf62nn151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 53",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6ull",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6ultralite",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf30ns151cku26",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6sololite",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6solo",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6duallite",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6solox",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6dual",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6quad",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6quadplus",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6dualplus",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 28",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 7dual",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50nn151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 7solo",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50ns151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf51nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf51ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60nn151cmk40",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
},
{
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:nxp:i.mx_28_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_53_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6dual_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6duallite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6dualplus_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6quad_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6quadplus_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6solo_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6sololite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6solox_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6ull_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6ultralite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_7dual_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_7solo_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf30nn151cku26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf30ns151cku26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50nn151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50ns151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf51nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf51ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60nn151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60ns151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf61nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf61ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf62nn151cmk40_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Quarkslab.",
"sources": [
{
"db": "BID",
"id": "99966"
}
],
"trust": 0.3
},
"cve": "CVE-2017-7932",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2017-7932",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 1.9,
"id": "CNVD-2017-23000",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "COMPLETE",
"baseScore": 5.9,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 1.9,
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b",
"impactScore": 9.5,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:C/A:C",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "VHN-116135",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 0.5,
"id": "CVE-2017-7932",
"impactScore": 5.5,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7932",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-7932",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-23000",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-928",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-116135",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "VULHUB",
"id": "VHN-116135"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
},
{
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image. plural NXP i.MX and Vybrid The product contains a certificate validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NXPi.MX50 and so on are different series of microprocessor products from NXPSemiconductors of the Netherlands. There are security vulnerabilities in several NXPi.MX products due to the program failing to properly validate the certificate. Failed exploit attempts will likely cause a denial-of-service condition. The following devices are affected: NXP i.MX 28, i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i. MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7932"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"db": "VULHUB",
"id": "VHN-116135"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7932",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-17-152-02",
"trust": 3.4
},
{
"db": "BID",
"id": "99966",
"trust": 2.6
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23000",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267",
"trust": 0.8
},
{
"db": "IVD",
"id": "D823AA2F-DC34-445F-8238-CACBE1C66F3B",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-116135",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "VULHUB",
"id": "VHN-116135"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
},
{
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"id": "VAR-201708-1391",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "VULHUB",
"id": "VHN-116135"
}
],
"trust": 1.7333333062499998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"db": "CNVD",
"id": "CNVD-2017-23000"
}
]
},
"last_update_date": "2024-11-23T22:17:49.594000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "i.MX \u0026 Vybrid Security Vulnerability Errata - ERR010872, ERR010873",
"trust": 0.8,
"url": "https://community.nxp.com/docs/DOC-334996"
},
{
"title": "Multiple NXPi.MX products verify patches that bypass the vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/100888"
},
{
"title": "Multiple NXP i.MX Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99743"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-295",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116135"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.4,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-152-02"
},
{
"trust": 2.3,
"url": "http://www.securityfocus.com/bid/99966"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7932"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7932"
},
{
"trust": 0.3,
"url": "http://www.nxp.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "VULHUB",
"id": "VHN-116135"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
},
{
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"db": "VULHUB",
"id": "VHN-116135"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
},
{
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-26T00:00:00",
"db": "IVD",
"id": "d823aa2f-dc34-445f-8238-cacbe1c66f3b"
},
{
"date": "2017-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"date": "2017-08-07T00:00:00",
"db": "VULHUB",
"id": "VHN-116135"
},
{
"date": "2017-07-26T00:00:00",
"db": "BID",
"id": "99966"
},
{
"date": "2017-09-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"date": "2017-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-928"
},
{
"date": "2017-08-07T08:29:00.307000",
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23000"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-116135"
},
{
"date": "2017-07-26T00:00:00",
"db": "BID",
"id": "99966"
},
{
"date": "2017-09-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007267"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-928"
},
{
"date": "2024-11-21T03:32:59.573000",
"db": "NVD",
"id": "CVE-2017-7932"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "99966"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NXP i.MX and Vybrid Certificate validation vulnerabilities in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007267"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-928"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…