Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2017-3226

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption (i.e., setting the configuration parameter CONFIG_ENV_AES=y) read environment variables from disk as the encrypted disk image is processed. An attacker with physical access to the device can manipulate the encrypted environment data to include a crafted two-byte sequence which triggers an error in environment variable parsing. This error condition is improperly handled by Das U-Boot, resulting in an immediate process termination with a debugging message.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.3%
CVSS Severity
CVSS v3 Score 6.4
CVSS v2 Score 4.4
Products affected by CVE-2017-3226
  • Denx » U-Boot » Version: N/A
    cpe:2.3:a:denx:u-boot:-
  • Denx » U-Boot » Version: 0.2.0
    cpe:2.3:a:denx:u-boot:0.2.0
  • Denx » U-Boot » Version: 0.2.3
    cpe:2.3:a:denx:u-boot:0.2.3
  • Denx » U-Boot » Version: 0.3.0
    cpe:2.3:a:denx:u-boot:0.3.0
  • Denx » U-Boot » Version: 0.3.1
    cpe:2.3:a:denx:u-boot:0.3.1
  • Denx » U-Boot » Version: 0.4.0
    cpe:2.3:a:denx:u-boot:0.4.0
  • Denx » U-Boot » Version: 0.4.1
    cpe:2.3:a:denx:u-boot:0.4.1
  • Denx » U-Boot » Version: 0.4.2
    cpe:2.3:a:denx:u-boot:0.4.2
  • Denx » U-Boot » Version: 0.4.3
    cpe:2.3:a:denx:u-boot:0.4.3
  • Denx » U-Boot » Version: 0.4.4
    cpe:2.3:a:denx:u-boot:0.4.4
  • Denx » U-Boot » Version: 0.4.5
    cpe:2.3:a:denx:u-boot:0.4.5
  • Denx » U-Boot » Version: 0.4.6
    cpe:2.3:a:denx:u-boot:0.4.6
  • Denx » U-Boot » Version: 0.4.7
    cpe:2.3:a:denx:u-boot:0.4.7
  • Denx » U-Boot » Version: 0.4.8
    cpe:2.3:a:denx:u-boot:0.4.8
  • Denx » U-Boot » Version: 1.0.0
    cpe:2.3:a:denx:u-boot:1.0.0
  • Denx » U-Boot » Version: 1.0.1
    cpe:2.3:a:denx:u-boot:1.0.1
  • Denx » U-Boot » Version: 1.0.2
    cpe:2.3:a:denx:u-boot:1.0.2
  • Denx » U-Boot » Version: 1.1.0
    cpe:2.3:a:denx:u-boot:1.1.0
  • Denx » U-Boot » Version: 1.1.1
    cpe:2.3:a:denx:u-boot:1.1.1
  • Denx » U-Boot » Version: 1.1.2
    cpe:2.3:a:denx:u-boot:1.1.2
  • Denx » U-Boot » Version: 1.1.3
    cpe:2.3:a:denx:u-boot:1.1.3
  • Denx » U-Boot » Version: 1.1.4
    cpe:2.3:a:denx:u-boot:1.1.4
  • Denx » U-Boot » Version: 1.1.5
    cpe:2.3:a:denx:u-boot:1.1.5
  • Denx » U-Boot » Version: 1.1.6
    cpe:2.3:a:denx:u-boot:1.1.6
  • Denx » U-Boot » Version: 1.2.0
    cpe:2.3:a:denx:u-boot:1.2.0
  • Denx » U-Boot » Version: 1.3.0
    cpe:2.3:a:denx:u-boot:1.3.0
  • Denx » U-Boot » Version: 1.3.1
    cpe:2.3:a:denx:u-boot:1.3.1
  • Denx » U-Boot » Version: 1.3.3
    cpe:2.3:a:denx:u-boot:1.3.3
  • Denx » U-Boot » Version: 1.3.4
    cpe:2.3:a:denx:u-boot:1.3.4
  • Denx » U-Boot » Version: 2008.10
    cpe:2.3:a:denx:u-boot:2008.10
  • Denx » U-Boot » Version: 2009.01
    cpe:2.3:a:denx:u-boot:2009.01
  • Denx » U-Boot » Version: 2009.03
    cpe:2.3:a:denx:u-boot:2009.03
  • Denx » U-Boot » Version: 2009.06
    cpe:2.3:a:denx:u-boot:2009.06
  • Denx » U-Boot » Version: 2009.08
    cpe:2.3:a:denx:u-boot:2009.08
  • Denx » U-Boot » Version: 2009.11
    cpe:2.3:a:denx:u-boot:2009.11
  • Denx » U-Boot » Version: 2009.11.1
    cpe:2.3:a:denx:u-boot:2009.11.1
  • Denx » U-Boot » Version: 2010.03
    cpe:2.3:a:denx:u-boot:2010.03
  • Denx » U-Boot » Version: 2010.06
    cpe:2.3:a:denx:u-boot:2010.06
  • Denx » U-Boot » Version: 2010.09
    cpe:2.3:a:denx:u-boot:2010.09
  • Denx » U-Boot » Version: 2010.12
    cpe:2.3:a:denx:u-boot:2010.12
  • Denx » U-Boot » Version: 2011.03
    cpe:2.3:a:denx:u-boot:2011.03
  • Denx » U-Boot » Version: 2011.04.01
    cpe:2.3:a:denx:u-boot:2011.04.01
  • Denx » U-Boot » Version: 2011.06
    cpe:2.3:a:denx:u-boot:2011.06
  • Denx » U-Boot » Version: 2011.09
    cpe:2.3:a:denx:u-boot:2011.09
  • Denx » U-Boot » Version: 2011.12
    cpe:2.3:a:denx:u-boot:2011.12
  • Denx » U-Boot » Version: 2012.04
    cpe:2.3:a:denx:u-boot:2012.04
  • Denx » U-Boot » Version: 2012.04.01
    cpe:2.3:a:denx:u-boot:2012.04.01
  • Denx » U-Boot » Version: 2012.07
    cpe:2.3:a:denx:u-boot:2012.07
  • Denx » U-Boot » Version: 2012.10
    cpe:2.3:a:denx:u-boot:2012.10
  • Denx » U-Boot » Version: 2013.01
    cpe:2.3:a:denx:u-boot:2013.01
  • Denx » U-Boot » Version: 2013.01.01
    cpe:2.3:a:denx:u-boot:2013.01.01
  • Denx » U-Boot » Version: 2013.04
    cpe:2.3:a:denx:u-boot:2013.04
  • Denx » U-Boot » Version: 2013.07
    cpe:2.3:a:denx:u-boot:2013.07
  • Denx » U-Boot » Version: 2013.10
    cpe:2.3:a:denx:u-boot:2013.10
  • Denx » U-Boot » Version: 2014.01
    cpe:2.3:a:denx:u-boot:2014.01
  • Denx » U-Boot » Version: 2014.04
    cpe:2.3:a:denx:u-boot:2014.04
  • Denx » U-Boot » Version: 2014.07
    cpe:2.3:a:denx:u-boot:2014.07
  • Denx » U-Boot » Version: 2014.10
    cpe:2.3:a:denx:u-boot:2014.10
  • Denx » U-Boot » Version: 2015.01
    cpe:2.3:a:denx:u-boot:2015.01
  • Denx » U-Boot » Version: 2015.04
    cpe:2.3:a:denx:u-boot:2015.04
  • Denx » U-Boot » Version: 2015.07
    cpe:2.3:a:denx:u-boot:2015.07
  • Denx » U-Boot » Version: 2015.10
    cpe:2.3:a:denx:u-boot:2015.10
  • Denx » U-Boot » Version: 2016.01
    cpe:2.3:a:denx:u-boot:2016.01
  • Denx » U-Boot » Version: 2016.03
    cpe:2.3:a:denx:u-boot:2016.03
  • Denx » U-Boot » Version: 2016.05
    cpe:2.3:a:denx:u-boot:2016.05
  • Denx » U-Boot » Version: 2016.07
    cpe:2.3:a:denx:u-boot:2016.07
  • Denx » U-Boot » Version: 2016.09
    cpe:2.3:a:denx:u-boot:2016.09
  • Denx » U-Boot » Version: 2016.09.01
    cpe:2.3:a:denx:u-boot:2016.09.01
  • Denx » U-Boot » Version: 2016.11
    cpe:2.3:a:denx:u-boot:2016.11
  • Denx » U-Boot » Version: 2017.01
    cpe:2.3:a:denx:u-boot:2017.01
  • Denx » U-Boot » Version: 2017.03
    cpe:2.3:a:denx:u-boot:2017.03
  • Denx » U-Boot » Version: 2017.05
    cpe:2.3:a:denx:u-boot:2017.05
  • Denx » U-Boot » Version: 2017.07
    cpe:2.3:a:denx:u-boot:2017.07


Products
Pricing
Contact Us

Shodan ® - All rights reserved