← Back

CVE-2022-45163

nvd nist
Published: Nov 18, 2022Modified: Apr 30, 2025

JSON object

Loading...
4.6
Vector
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 0.9 / Impact: 3.6
Source: NVD

Description

An information-disclosure vulnerability exists on select NXP devices when configured in Serial Download Protocol (SDP) mode: i.MX RT 1010, i.MX RT 1015, i.MX RT 1020, i.MX RT 1050, i.MX RT 1060, i.MX 6 Family, i.MX 7Dual/Solo, i.MX 7ULP, i.MX 8M Quad, i.MX 8M Mini, and Vybrid. In a device security-enabled configuration, memory contents could potentially leak to physically proximate attackers via the respective SDP port in cold and warm boot attacks. (The recommended mitigation is to completely disable the SDP mode by programming a one-time programmable eFUSE. Customers can contact NXP for additional information.)

Affected (23)

Nxp
23 products
I.mx 6 Firmware
I.mx 6dual Firmware
I.mx 6duallite Firmware
I.mx 6dualplus Firmware
I.mx 6quad Firmware
I.mx 6quadplus Firmware
I.mx 6solo Firmware
I.mx 6sololite Firmware
I.mx 6solox Firmware
I.mx 6ull Firmware
I.mx 6ultralite Firmware
I.mx 6ulz Firmware
I.mx 7dual Firmware
I.mx 7solo Firmware
I.mx 7ulp Firmware
I.mx 8m Mini Firmware
I.mx 8m Quad Firmware
I.mx 8m Vybrid Firmware
I.mx Rt1010 Firmware
I.mx Rt1015 Firmware
I.mx Rt1020 Firmware
I.mx Rt1050 Firmware
I.mx Rt1060 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 6 Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 6
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 6dual Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 6dual
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 6duallite Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 6duallite
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 6dualplus Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 6dualplus
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 6quad Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 6quad
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 6quadplus Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 6quadplus
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 6solo Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 6solo
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 6sololite Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 6sololite
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 6solox Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 6solox
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 6ull Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 6ull
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 6ultralite Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 6ultralite
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 6ulz Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 6ulz
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 7dual Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 7dual
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 7solo Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 7solo
All versions
Configuration O
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 7ulp Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 7ulp
All versions
Configuration P
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 8m Mini Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 8m Mini
All versions
Configuration Q
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 8m Quad Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 8m Quad
All versions
Configuration R
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx 8m Vybrid Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx 8m Vybrid
All versions
Configuration S
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx Rt1010 Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx Rt1010
All versions
Configuration T
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx Rt1015 Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx Rt1015
All versions
Configuration U
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx Rt1020 Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx Rt1020
All versions
Configuration V
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx Rt1050 Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx Rt1050
All versions
Configuration W
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
I.mx Rt1060 Firmware
All versions
Running on/withPlatform Versions
Nxp
I.mx Rt1060
All versions

Related CWEs

CWE-203
Observable Discrepancy
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

References (6)

Source: cve@mitre.org
Product
Source: cve@mitre.org
ExploitTechnical DescriptionThird Party Advisory
Source: cve@mitre.org
ExploitTechnical DescriptionThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Product
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitTechnical DescriptionThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitTechnical DescriptionThird Party Advisory

Timeline

No history available yet.