Vulnerability Details CVE-2019-14238
On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory (ITCM) bus.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.5%
CVSS Severity
CVSS v3 Score 6.6
CVSS v2 Score 4.6
References
Products affected by CVE-2019-14238
-
cpe:2.3:h:st:stm32f4:-
-
cpe:2.3:h:st:stm32f7:-
-
cpe:2.3:h:st:stm32h7:-
-
cpe:2.3:h:st:stm32l0:-
-
cpe:2.3:h:st:stm32l1:-
-
cpe:2.3:h:st:stm32l4:-
-
cpe:2.3:o:st:stm32f4_firmware:-
-
cpe:2.3:o:st:stm32f7_firmware:-
-
cpe:2.3:o:st:stm32h7_firmware:-
-
cpe:2.3:o:st:stm32l0_firmware:-
-
cpe:2.3:o:st:stm32l1_firmware:-
-
cpe:2.3:o:st:stm32l4_firmware:-