Vulnerability Details CVE-2017-18347
Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug (SWD) commands because there is a race condition between full initialization of the SWD interface and the setup of flash protection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.7%
CVSS Severity
CVSS v3 Score 4.6
CVSS v2 Score 4.9
References
- https://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-cracked-on-stm32
- https://www.aisec.fraunhofer.de/en/FirmwareProtection.html
- https://www.usenix.org/conference/woot17/workshop-program/presentation/obermaier
- https://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-cracked-on-stm32
- https://www.aisec.fraunhofer.de/en/FirmwareProtection.html
- https://www.usenix.org/conference/woot17/workshop-program/presentation/obermaier
Products affected by CVE-2017-18347
-
cpe:2.3:h:st:stm32f030c6:-
-
cpe:2.3:h:st:stm32f030c8:-
-
cpe:2.3:h:st:stm32f030cc:-
-
cpe:2.3:h:st:stm32f030f4:-
-
cpe:2.3:h:st:stm32f030k6:-
-
cpe:2.3:h:st:stm32f030r8:-
-
cpe:2.3:h:st:stm32f030rc:-
-
cpe:2.3:h:st:stm32f031c4:-
-
cpe:2.3:h:st:stm32f031c6:-
-
cpe:2.3:h:st:stm32f031e6:-
-
cpe:2.3:h:st:stm32f031f4:-
-
cpe:2.3:h:st:stm32f031f6:-
-
cpe:2.3:h:st:stm32f031g4:-
-
cpe:2.3:h:st:stm32f031g6:-
-
cpe:2.3:h:st:stm32f031k4:-
-
cpe:2.3:h:st:stm32f038c6:-
-
cpe:2.3:h:st:stm32f038e6:-
-
cpe:2.3:h:st:stm32f038f6:-
-
cpe:2.3:h:st:stm32f038g6:-
-
cpe:2.3:h:st:stm32f038k6:-
-
cpe:2.3:h:st:stm32f042c4:-
-
cpe:2.3:h:st:stm32f042c6:-
-
cpe:2.3:h:st:stm32f042f4:-
-
cpe:2.3:h:st:stm32f042f6:-
-
cpe:2.3:h:st:stm32f042g4:-
-
cpe:2.3:h:st:stm32f042g6:-
-
cpe:2.3:h:st:stm32f042k4:-
-
cpe:2.3:h:st:stm32f042k6:-
-
cpe:2.3:h:st:stm32f042t6:-
-
cpe:2.3:h:st:stm32f048c6:-
-
cpe:2.3:h:st:stm32f048g6:-
-
cpe:2.3:h:st:stm32f048t6:-
-
cpe:2.3:h:st:stm32f051c4:-
-
cpe:2.3:h:st:stm32f051c6:-
-
cpe:2.3:h:st:stm32f051c8:-
-
cpe:2.3:h:st:stm32f051k4:-
-
cpe:2.3:h:st:stm32f051k6:-
-
cpe:2.3:h:st:stm32f051k8:-
-
cpe:2.3:h:st:stm32f051r4:-
-
cpe:2.3:h:st:stm32f051r6:-
-
cpe:2.3:h:st:stm32f051r8:-
-
cpe:2.3:h:st:stm32f051t8:-
-
cpe:2.3:h:st:stm32f058c8:-
-
cpe:2.3:h:st:stm32f058r8:-
-
cpe:2.3:h:st:stm32f058t8:-
-
cpe:2.3:h:st:stm32f070c6:-
-
cpe:2.3:h:st:stm32f070cb:-
-
cpe:2.3:h:st:stm32f070f6:-
-
cpe:2.3:h:st:stm32f070rb:-
-
cpe:2.3:h:st:stm32f071c8:-
-
cpe:2.3:h:st:stm32f071cb:-
-
cpe:2.3:h:st:stm32f071rb:-
-
cpe:2.3:h:st:stm32f071v8:-
-
cpe:2.3:h:st:stm32f071vb:-
-
cpe:2.3:h:st:stm32f072c8:-
-
cpe:2.3:h:st:stm32f072cb:-
-
cpe:2.3:h:st:stm32f072r8:-
-
cpe:2.3:h:st:stm32f072rb:-
-
cpe:2.3:h:st:stm32f072v8:-
-
cpe:2.3:h:st:stm32f072vb:-
-
cpe:2.3:h:st:stm32f078cb:-
-
cpe:2.3:h:st:stm32f078rb:-
-
cpe:2.3:h:st:stm32f078vb:-
-
cpe:2.3:h:st:stm32f091cb:-
-
cpe:2.3:h:st:stm32f091cc:-
-
cpe:2.3:h:st:stm32f091rb:-
-
cpe:2.3:h:st:stm32f091rc:-
-
cpe:2.3:h:st:stm32f091vb:-
-
cpe:2.3:h:st:stm32f091vc:-
-
cpe:2.3:h:st:stm32f098cc:-
-
cpe:2.3:h:st:stm32f098rc:-
-
cpe:2.3:h:st:stm32f098vc:-
-
cpe:2.3:o:st:stm32f030c6_firmware:-
-
cpe:2.3:o:st:stm32f030c8_firmware:-
-
cpe:2.3:o:st:stm32f030cc_firmware:-
-
cpe:2.3:o:st:stm32f030f4_firmware:-
-
cpe:2.3:o:st:stm32f030k6_firmware:-
-
cpe:2.3:o:st:stm32f030r8_firmware:-
-
cpe:2.3:o:st:stm32f030rc_firmware:-
-
cpe:2.3:o:st:stm32f031c4_firmware:-
-
cpe:2.3:o:st:stm32f031c6_firmware:-
-
cpe:2.3:o:st:stm32f031e6_firmware:-
-
cpe:2.3:o:st:stm32f031f4_firmware:-
-
cpe:2.3:o:st:stm32f031f6_firmware:-
-
cpe:2.3:o:st:stm32f031g4_firmware:-
-
cpe:2.3:o:st:stm32f031g6_firmware:-
-
cpe:2.3:o:st:stm32f031k4_firmware:-
-
cpe:2.3:o:st:stm32f038c6_firmware:-
-
cpe:2.3:o:st:stm32f038e6_firmware:-
-
cpe:2.3:o:st:stm32f038f6_firmware:-
-
cpe:2.3:o:st:stm32f038g6_firmware:-
-
cpe:2.3:o:st:stm32f038k6_firmware:-
-
cpe:2.3:o:st:stm32f042c4_firmware:-
-
cpe:2.3:o:st:stm32f042c6_firmware:-
-
cpe:2.3:o:st:stm32f042f4_firmware:-
-
cpe:2.3:o:st:stm32f042f6_firmware:-
-
cpe:2.3:o:st:stm32f042g4_firmware:-
-
cpe:2.3:o:st:stm32f042g6_firmware:-
-
cpe:2.3:o:st:stm32f042k4_firmware:-
-
cpe:2.3:o:st:stm32f042k6_firmware:-
-
cpe:2.3:o:st:stm32f042t6_firmware:-
-
cpe:2.3:o:st:stm32f048c6_firmware:-
-
cpe:2.3:o:st:stm32f048g6_firmware:-
-
cpe:2.3:o:st:stm32f048t6_firmware:-
-
cpe:2.3:o:st:stm32f051c4_firmware:-
-
cpe:2.3:o:st:stm32f051c6_firmware:-
-
cpe:2.3:o:st:stm32f051c8_firmware:-
-
cpe:2.3:o:st:stm32f051k4_firmware:-
-
cpe:2.3:o:st:stm32f051k6_firmware:-
-
cpe:2.3:o:st:stm32f051k8_firmware:-
-
cpe:2.3:o:st:stm32f051r4_firmware:-
-
cpe:2.3:o:st:stm32f051r6_firmware:-
-
cpe:2.3:o:st:stm32f051r8_firmware:-
-
cpe:2.3:o:st:stm32f051t8_firmware:-
-
cpe:2.3:o:st:stm32f058c8_firmware:-
-
cpe:2.3:o:st:stm32f058r8_firmware:-
-
cpe:2.3:o:st:stm32f058t8_firmware:-
-
cpe:2.3:o:st:stm32f070c6_firmware:-
-
cpe:2.3:o:st:stm32f070cb_firmware:-
-
cpe:2.3:o:st:stm32f070f6_firmware:-
-
cpe:2.3:o:st:stm32f070rb_firmware:-
-
cpe:2.3:o:st:stm32f071c8_firmware:-
-
cpe:2.3:o:st:stm32f071cb_firmware:-
-
cpe:2.3:o:st:stm32f071rb_firmware:-
-
cpe:2.3:o:st:stm32f071v8_firmware:-
-
cpe:2.3:o:st:stm32f071vb_firmware:-
-
cpe:2.3:o:st:stm32f072c8_firmware:-
-
cpe:2.3:o:st:stm32f072cb_firmware:-
-
cpe:2.3:o:st:stm32f072r8_firmware:-
-
cpe:2.3:o:st:stm32f072rb_firmware:-
-
cpe:2.3:o:st:stm32f072v8_firmware:-
-
cpe:2.3:o:st:stm32f072vb_firmware:-
-
cpe:2.3:o:st:stm32f078cb_firmware:-
-
cpe:2.3:o:st:stm32f078rb_firmware:-
-
cpe:2.3:o:st:stm32f078vb_firmware:-
-
cpe:2.3:o:st:stm32f091cb_firmware:-
-
cpe:2.3:o:st:stm32f091cc_firmware:-
-
cpe:2.3:o:st:stm32f091rb_firmware:-
-
cpe:2.3:o:st:stm32f091rc_firmware:-
-
cpe:2.3:o:st:stm32f091vb_firmware:-
-
cpe:2.3:o:st:stm32f091vc_firmware:-
-
cpe:2.3:o:st:stm32f098cc_firmware:-
-
cpe:2.3:o:st:stm32f098rc_firmware:-
-
cpe:2.3:o:st:stm32f098vc_firmware:-