var-201708-1393
Vulnerability from variot
A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid VF6xx. When the device is configured in security enabled configuration, SDP could be used to download a small section of code to an unprotected region of memory. plural NXP i.MX and Vybrid The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NXPi.MX50 and so on are different series of microprocessor products from NXPSemiconductors of the Netherlands. An attacker could exploit the vulnerability to cause a denial of service. Multiple i.MX Products is prone to multiple local security vulnerabilities. An attacker may exploit these issues to bypass certain security restrictions and perform unauthorized actions or execute arbitrary code within the context of the application. Failed exploit attempts will likely cause a denial-of-service condition. The following products are affected: NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual , i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201708-1393",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "i.mx 50",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6ultralite",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6quad",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6solo",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6dualplus",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6solox",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6quadplus",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6sololite",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6duallite",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6dual",
"scope": "eq",
"trust": 1.6,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60ns151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf61ns151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50nn151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf51nn151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60nn151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50ns151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50ns151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf30ns151cku26",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf61nn151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 53",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 6ull",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60nn151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf50nn151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf62nn151cmk40",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf51ns151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf60ns151cmk50",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "vybrid mvf30nn151cku26",
"scope": "eq",
"trust": 1.0,
"vendor": "nxp",
"version": null
},
{
"model": "i.mx 50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 53",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6dual",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6duallite",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6dualplus",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6quad",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6quadplus",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6solo",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6sololite",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6solox",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6ull",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "i.mx 6ultralite",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf30nn151cku26",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf30ns151cku26",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50nn151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50ns151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf50ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf51nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf51ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60nn151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60ns151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf60ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf61nn151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf61ns151cmk50",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "vybrid mvf62nn151cmk40",
"scope": null,
"trust": 0.8,
"vendor": "nxp semiconductors",
"version": null
},
{
"model": "semiconductors i.mx",
"scope": "eq",
"trust": 0.6,
"vendor": "nxp",
"version": "50"
},
{
"model": "semiconductors i.mx",
"scope": "eq",
"trust": 0.6,
"vendor": "nxp",
"version": "53"
},
{
"model": "semiconductors i.mx 6ull",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6ultralite",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6sololite",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6solo",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6duallite",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6quad",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6solox",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6dual",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6dualplus",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors i.mx 6quadplus",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf3xx",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf5xx",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf6xx",
"scope": null,
"trust": 0.6,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors vybrid vf5xx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors vybrid vf3xx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors mifare ultralight",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors mifare reader components",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors mifare desfire ev1",
"scope": null,
"trust": 0.3,
"vendor": "nxp",
"version": null
},
{
"model": "semiconductors mifare classic",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 7solo",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 7dual",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6ultralite",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6ull",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6solox",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6sololite",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6solo",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6quadplus",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6quad",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6dualplus",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6duallite",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx 6dual",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "0"
},
{
"model": "semiconductors imx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "530"
},
{
"model": "semiconductors imx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "500"
},
{
"model": "semiconductors imx",
"scope": "eq",
"trust": 0.3,
"vendor": "nxp",
"version": "280"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf30nn151cku26",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60ns151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf61nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf61ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf62nn151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 53",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6ull",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6ultralite",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf30ns151cku26",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6sololite",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6solo",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6duallite",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6solox",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6dual",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6quad",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6quadplus",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "i mx 6dualplus",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50nn151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50ns151cmk40",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf50ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf51nn151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf51ns151cmk50",
"version": null
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "vybrid mvf60nn151cmk40",
"version": null
}
],
"sources": [
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
},
{
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:nxp:i.mx_50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_53_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6dual_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6duallite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6dualplus_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6quad_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6quadplus_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6solo_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6sololite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6solox_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6ull_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:i.mx_6ultralite_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf30nn151cku26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf30ns151cku26_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50nn151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50ns151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf50ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf51nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf51ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60nn151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60ns151cmk40_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf60ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf61nn151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf61ns151cmk50_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:nxp:vybrid_mvf62nn151cmk40_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Quarkslab.",
"sources": [
{
"db": "BID",
"id": "99966"
}
],
"trust": 0.3
},
"cve": "CVE-2017-7936",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2017-7936",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 1.9,
"id": "CNVD-2017-23001",
"impactScore": 8.5,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:C/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 1.9,
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48",
"impactScore": 8.5,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:C/A:P",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "VHN-116139",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.4,
"id": "CVE-2017-7936",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-7936",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-7936",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-23001",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-924",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48",
"trust": 0.2,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-116139",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2017-7936",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "VULHUB",
"id": "VHN-116139"
},
{
"db": "VULMON",
"id": "CVE-2017-7936"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
},
{
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid VF6xx. When the device is configured in security enabled configuration, SDP could be used to download a small section of code to an unprotected region of memory. plural NXP i.MX and Vybrid The product contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. NXPi.MX50 and so on are different series of microprocessor products from NXPSemiconductors of the Netherlands. An attacker could exploit the vulnerability to cause a denial of service. Multiple i.MX Products is prone to multiple local security vulnerabilities. \nAn attacker may exploit these issues to bypass certain security restrictions and perform unauthorized actions or execute arbitrary code within the context of the application. Failed exploit attempts will likely cause a denial-of-service condition. The following products are affected: NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual , i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7936"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "VULHUB",
"id": "VHN-116139"
},
{
"db": "VULMON",
"id": "CVE-2017-7936"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7936",
"trust": 3.7
},
{
"db": "ICS CERT",
"id": "ICSA-17-152-02",
"trust": 3.5
},
{
"db": "BID",
"id": "99966",
"trust": 2.7
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924",
"trust": 0.9
},
{
"db": "CNVD",
"id": "CNVD-2017-23001",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268",
"trust": 0.8
},
{
"db": "IVD",
"id": "235898D3-C5E6-4883-BF99-CC01C40E3F48",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-116139",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2017-7936",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "VULHUB",
"id": "VHN-116139"
},
{
"db": "VULMON",
"id": "CVE-2017-7936"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
},
{
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"id": "VAR-201708-1393",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "VULHUB",
"id": "VHN-116139"
}
],
"trust": 1.7333333062499998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "CNVD",
"id": "CNVD-2017-23001"
}
]
},
"last_update_date": "2024-11-23T22:17:49.549000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "i.MX \u0026 Vybrid Security Vulnerability Errata - ERR010872, ERR010873",
"trust": 0.8,
"url": "https://community.nxp.com/docs/DOC-334996"
},
{
"title": "Patches for multiple NXPi.MX product stack buffer overflow vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/100889"
},
{
"title": "Multiple NXP i.MX Product Buffer Error Vulnerability Fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=99740"
},
{
"title": "usb-device-security",
"trust": 0.1,
"url": "https://github.com/parallelbeings/usb-device-security "
},
{
"title": "advisories",
"trust": 0.1,
"url": "https://github.com/inversepath/advisories "
},
{
"title": "advisories",
"trust": 0.1,
"url": "https://github.com/f-secure-foundry/advisories "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "VULMON",
"id": "CVE-2017-7936"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
},
{
"problemtype": "CWE-121",
"trust": 1.0
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-116139"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-17-152-02"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/99966"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7936"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7936"
},
{
"trust": 0.3,
"url": "http://www.nxp.com/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/parallelbeings/usb-device-security"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "VULHUB",
"id": "VHN-116139"
},
{
"db": "VULMON",
"id": "CVE-2017-7936"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
},
{
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"db": "VULHUB",
"id": "VHN-116139"
},
{
"db": "VULMON",
"id": "CVE-2017-7936"
},
{
"db": "BID",
"id": "99966"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
},
{
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-26T00:00:00",
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"date": "2017-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"date": "2017-08-07T00:00:00",
"db": "VULHUB",
"id": "VHN-116139"
},
{
"date": "2017-08-07T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7936"
},
{
"date": "2017-07-26T00:00:00",
"db": "BID",
"id": "99966"
},
{
"date": "2017-09-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"date": "2017-04-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-924"
},
{
"date": "2017-08-07T08:29:00.353000",
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-23001"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-116139"
},
{
"date": "2019-10-09T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7936"
},
{
"date": "2017-07-26T00:00:00",
"db": "BID",
"id": "99966"
},
{
"date": "2017-09-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-007268"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-924"
},
{
"date": "2024-11-21T03:33:00.087000",
"db": "NVD",
"id": "CVE-2017-7936"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "99966"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural NXP i.MX and Vybrid Product buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-007268"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer error",
"sources": [
{
"db": "IVD",
"id": "235898d3-c5e6-4883-bf99-cc01c40e3f48"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-924"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…