Vulnerability Details CVE-2019-14236
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated by observing CPU registers and the effect of code/instruction execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2019-14236
-
cpe:2.3:h:st:stm32f4:-
-
cpe:2.3:h:st:stm32f7:-
-
cpe:2.3:h:st:stm32h7:-
-
cpe:2.3:h:st:stm32l0:-
-
cpe:2.3:h:st:stm32l1:-
-
cpe:2.3:h:st:stm32l4:-
-
cpe:2.3:o:st:stm32f4_firmware:-
-
cpe:2.3:o:st:stm32f7_firmware:-
-
cpe:2.3:o:st:stm32h7_firmware:-
-
cpe:2.3:o:st:stm32l0_firmware:-
-
cpe:2.3:o:st:stm32l1_firmware:-
-
cpe:2.3:o:st:stm32l4_firmware:-