Vulnerability Description
Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug (SWD) commands because there is a race condition between full initialization of the SWD interface and the setup of flash protection.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| St | Stm32F071Rb Firmware | - |
| St | Stm32F071Rb | - |
| St | Stm32F071V8 Firmware | - |
| St | Stm32F071V8 | - |
| St | Stm32F071Vb Firmware | - |
| St | Stm32F071Vb | - |
| St | Stm32F072C8 Firmware | - |
| St | Stm32F072C8 | - |
| St | Stm32F072Cb Firmware | - |
| St | Stm32F072Cb | - |
| St | Stm32F072R8 Firmware | - |
| St | Stm32F072R8 | - |
| St | Stm32F072Rb Firmware | - |
| St | Stm32F072Rb | - |
| St | Stm32F072V8 Firmware | - |
| St | Stm32F072V8 | - |
| St | Stm32F072Vb Firmware | - |
| St | Stm32F072Vb | - |
| St | Stm32F078Cb Firmware | - |
| St | Stm32F078Cb | - |
Related Weaknesses (CWE)
References
- https://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-crackeVendor Advisory
- https://www.aisec.fraunhofer.de/en/FirmwareProtection.htmlExploitThird Party Advisory
- https://www.usenix.org/conference/woot17/workshop-program/presentation/obermaierExploitThird Party Advisory
- https://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-crackeVendor Advisory
- https://www.aisec.fraunhofer.de/en/FirmwareProtection.htmlExploitThird Party Advisory
- https://www.usenix.org/conference/woot17/workshop-program/presentation/obermaierExploitThird Party Advisory
FAQ
What is CVE-2017-18347?
CVE-2017-18347 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wir...
How severe is CVE-2017-18347?
CVE-2017-18347 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-18347?
Check the references section above for vendor advisories and patch information. Affected products include: St Stm32F071Rb Firmware, St Stm32F071Rb, St Stm32F071V8 Firmware, St Stm32F071V8, St Stm32F071Vb Firmware.