CVE-2017-18347

Published: Sep 12, 2018Modified: Nov 21, 2024

4.6

Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 0.9 / Impact: 3.6

Source: NVD

Description

Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug (SWD) commands because there is a race condition between full initialization of the SWD interface and the setup of flash protection.

Affected (72)

72 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f071rb Firmware	All versions

Running on/with	Platform Versions
St Stm32f071rb	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f071v8 Firmware	All versions

Running on/with	Platform Versions
St Stm32f071v8	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f071vb Firmware	All versions

Running on/with	Platform Versions
St Stm32f071vb	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f072c8 Firmware	All versions

Running on/with	Platform Versions
St Stm32f072c8	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f072cb Firmware	All versions

Running on/with	Platform Versions
St Stm32f072cb	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f072r8 Firmware	All versions

Running on/with	Platform Versions
St Stm32f072r8	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f072rb Firmware	All versions

Running on/with	Platform Versions
St Stm32f072rb	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f072v8 Firmware	All versions

Running on/with	Platform Versions
St Stm32f072v8	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f072vb Firmware	All versions

Running on/with	Platform Versions
St Stm32f072vb	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f078cb Firmware	All versions

Running on/with	Platform Versions
St Stm32f078cb	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f078rb Firmware	All versions

Running on/with	Platform Versions
St Stm32f078rb	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f078vb Firmware	All versions

Running on/with	Platform Versions
St Stm32f078vb	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f091cb Firmware	All versions

Running on/with	Platform Versions
St Stm32f091cb	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f091cc Firmware	All versions

Running on/with	Platform Versions
St Stm32f091cc	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f091rb Firmware	All versions

Running on/with	Platform Versions
St Stm32f091rb	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f091rc Firmware	All versions

Running on/with	Platform Versions
St Stm32f091rc	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f091vb Firmware	All versions

Running on/with	Platform Versions
St Stm32f091vb	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f091vc Firmware	All versions

Running on/with	Platform Versions
St Stm32f091vc	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f098cc Firmware	All versions

Running on/with	Platform Versions
St Stm32f098cc	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f098rc Firmware	All versions

Running on/with	Platform Versions
St Stm32f098rc	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f098vc Firmware	All versions

Running on/with	Platform Versions
St Stm32f098vc	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f070cb Firmware	All versions

Running on/with	Platform Versions
St Stm32f070cb	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f070f6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f070f6	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f070rb Firmware	All versions

Running on/with	Platform Versions
St Stm32f070rb	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f071c8 Firmware	All versions

Running on/with	Platform Versions
St Stm32f071c8	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f071cb Firmware	All versions

Running on/with	Platform Versions
St Stm32f071cb	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f051t8 Firmware	All versions

Running on/with	Platform Versions
St Stm32f051t8	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f058c8 Firmware	All versions

Running on/with	Platform Versions
St Stm32f058c8	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f058r8 Firmware	All versions

Running on/with	Platform Versions
St Stm32f058r8	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f058t8 Firmware	All versions

Running on/with	Platform Versions
St Stm32f058t8	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f070c6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f070c6	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f051k4 Firmware	All versions

Running on/with	Platform Versions
St Stm32f051k4	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f051k6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f051k6	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f051k8 Firmware	All versions

Running on/with	Platform Versions
St Stm32f051k8	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f051r4 Firmware	All versions

Running on/with	Platform Versions
St Stm32f051r4	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f051r6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f051r6	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f051r8 Firmware	All versions

Running on/with	Platform Versions
St Stm32f051r8	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f042t6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f042t6	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f048c6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f048c6	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f048g6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f048g6	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f048t6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f048t6	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f051c4 Firmware	All versions

Running on/with	Platform Versions
St Stm32f051c4	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f051c6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f051c6	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f051c8 Firmware	All versions

Running on/with	Platform Versions
St Stm32f051c8	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f042f4 Firmware	All versions

Running on/with	Platform Versions
St Stm32f042f4	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f042f6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f042f6	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f042g4 Firmware	All versions

Running on/with	Platform Versions
St Stm32f042g4	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f042g6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f042g6	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f042k4 Firmware	All versions

Running on/with	Platform Versions
St Stm32f042k4	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f042k6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f042k6	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f038c6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f038c6	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f038e6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f038e6	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f038f6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f038f6	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f038g6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f038g6	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f038k6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f038k6	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f042c4 Firmware	All versions

Running on/with	Platform Versions
St Stm32f042c4	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f042c6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f042c6	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f031e6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f031e6	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f031f4 Firmware	All versions

Running on/with	Platform Versions
St Stm32f031f4	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f031f6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f031f6	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f031g4 Firmware	All versions

Running on/with	Platform Versions
St Stm32f031g4	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f031g6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f031g6	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f031k4 Firmware	All versions

Running on/with	Platform Versions
St Stm32f031k4	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f030f4 Firmware	All versions

Running on/with	Platform Versions
St Stm32f030f4	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f030k6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f030k6	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f030r8 Firmware	All versions

Running on/with	Platform Versions
St Stm32f030r8	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f030rc Firmware	All versions

Running on/with	Platform Versions
St Stm32f030rc	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f031c4 Firmware	All versions

Running on/with	Platform Versions
St Stm32f031c4	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f031c6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f031c6	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f030c6 Firmware	All versions

Running on/with	Platform Versions
St Stm32f030c6	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f030c8 Firmware	All versions

Running on/with	Platform Versions
St Stm32f030c8	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
St Stm32f030cc Firmware	All versions

Running on/with	Platform Versions
St Stm32f030cc	All versions

Related CWEs

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

References (6)

https://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-cracked-on-stm32

Source: cve@mitre.org

Vendor Advisory

https://www.aisec.fraunhofer.de/en/FirmwareProtection.html

Source: cve@mitre.org

ExploitThird Party Advisory

https://www.usenix.org/conference/woot17/workshop-program/presentation/obermaier

Source: cve@mitre.org

ExploitThird Party Advisory

https://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-cracked-on-stm32

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://www.aisec.fraunhofer.de/en/FirmwareProtection.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://www.usenix.org/conference/woot17/workshop-program/presentation/obermaier

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.