Vulnerability Description
Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against physical side channels. The flash read-out protection (APPROTECT) can be bypassed by injecting a fault during the boot phase.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nordicsemi | Nrf52840 Firmware | <= 2020-10-19 |
| Nordicsemi | Nrf52840 | - |
Related Weaknesses (CWE)
References
- https://eprint.iacr.org/2021/640Third Party Advisory
- https://infocenter.nordicsemi.com/pdf/in_133_v1.0.pdfThird Party Advisory
- https://limitedresults.com/2020/06/nrf52-debug-resurrection-approtect-bypass/Third Party Advisory
- https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/secuThird Party Advisory
- https://www.aisec.fraunhofer.de/en/FirmwareProtection.htmlThird Party Advisory
- https://eprint.iacr.org/2021/640Third Party Advisory
- https://infocenter.nordicsemi.com/pdf/in_133_v1.0.pdfThird Party Advisory
- https://limitedresults.com/2020/06/nrf52-debug-resurrection-approtect-bypass/Third Party Advisory
- https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/secuThird Party Advisory
- https://www.aisec.fraunhofer.de/en/FirmwareProtection.htmlThird Party Advisory
FAQ
What is CVE-2020-27211?
CVE-2020-27211 is a vulnerability with a CVSS score of 5.7 (MEDIUM). Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against physical side channels. The flash read-out protection (APPROTECT) can be bypassed by injecting a fault during ...
How severe is CVE-2020-27211?
CVE-2020-27211 has been rated MEDIUM with a CVSS base score of 5.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-27211?
Check the references section above for vendor advisories and patch information. Affected products include: Nordicsemi Nrf52840 Firmware, Nordicsemi Nrf52840.