9.8
CVE-2019-14236
- EPSS 0.94%
- Veröffentlicht 12.09.2019 18:15:11
- Zuletzt bearbeitet 21.11.2024 04:26:15
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated by observing CPU registers and the effect of code/instruction execution.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
St ≫ Stm32l0 Firmware Version-
St ≫ Stm32l1 Firmware Version-
St ≫ Stm32f4 Firmware Version-
St ≫ Stm32l4 Firmware Version-
St ≫ Stm32f7 Firmware Version-
St ≫ Stm32h7 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Typ | Quelle | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.94% | 0.74 |
Quelle | Base Score | Exploit Score | Impact Score | Vector String |
---|---|---|---|---|
nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-863 Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.