CVE-2017-18347 - Vulnerability Details

Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug (SWD) commands because there is a race condition between full initialization of the SWD interface and the setup of flash protection.

No CVSS v4.0

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00063.

Key SSVC decision points have not yet been added.

Vendors	Products
St	Stm32f030c6 Stm32f030c6 Firmware Stm32f030c8 Stm32f030c8 Firmware Stm32f030cc Stm32f030cc Firmware Stm32f030f4 Stm32f030f4 Firmware Stm32f030k6 Stm32f030k6 Firmware Stm32f030r8 Stm32f030r8 Firmware Stm32f030rc Stm32f030rc Firmware Stm32f031c4 Stm32f031c4 Firmware Stm32f031c6 Stm32f031c6 Firmware Stm32f031e6 Stm32f031e6 Firmware Stm32f031f4 Stm32f031f4 Firmware Stm32f031f6 Stm32f031f6 Firmware Stm32f031g4 Stm32f031g4 Firmware Stm32f031g6 Stm32f031g6 Firmware Stm32f031k4 Stm32f031k4 Firmware Stm32f038c6 Stm32f038c6 Firmware Stm32f038e6 Stm32f038e6 Firmware Stm32f038f6 Stm32f038f6 Firmware Stm32f038g6 Stm32f038g6 Firmware Stm32f038k6 Stm32f038k6 Firmware Stm32f042c4 Stm32f042c4 Firmware Stm32f042c6 Stm32f042c6 Firmware Stm32f042f4 Stm32f042f4 Firmware Stm32f042f6 Stm32f042f6 Firmware Stm32f042g4 Stm32f042g4 Firmware Stm32f042g6 Stm32f042g6 Firmware Stm32f042k4 Stm32f042k4 Firmware Stm32f042k6 Stm32f042k6 Firmware Stm32f042t6 Stm32f042t6 Firmware Stm32f048c6 Stm32f048c6 Firmware Stm32f048g6 Stm32f048g6 Firmware Stm32f048t6 Stm32f048t6 Firmware Stm32f051c4 Stm32f051c4 Firmware Stm32f051c6 Stm32f051c6 Firmware Stm32f051c8 Stm32f051c8 Firmware Stm32f051k4 Stm32f051k4 Firmware Stm32f051k6 Stm32f051k6 Firmware Stm32f051k8 Stm32f051k8 Firmware Stm32f051r4 Stm32f051r4 Firmware Stm32f051r6 Stm32f051r6 Firmware Stm32f051r8 Stm32f051r8 Firmware Stm32f051t8 Stm32f051t8 Firmware Stm32f058c8 Stm32f058c8 Firmware Stm32f058r8 Stm32f058r8 Firmware Stm32f058t8 Stm32f058t8 Firmware Stm32f070c6 Stm32f070c6 Firmware Stm32f070cb Stm32f070cb Firmware Stm32f070f6 Stm32f070f6 Firmware Stm32f070rb Stm32f070rb Firmware Stm32f071c8 Stm32f071c8 Firmware Stm32f071cb Stm32f071cb Firmware Stm32f071rb Stm32f071rb Firmware Stm32f071v8 Stm32f071v8 Firmware Stm32f071vb Stm32f071vb Firmware Stm32f072c8 Stm32f072c8 Firmware Stm32f072cb Stm32f072cb Firmware Stm32f072r8 Stm32f072r8 Firmware Stm32f072rb Stm32f072rb Firmware Stm32f072v8 Stm32f072v8 Firmware Stm32f072vb Stm32f072vb Firmware Stm32f078cb Stm32f078cb Firmware Stm32f078rb Stm32f078rb Firmware Stm32f078vb Stm32f078vb Firmware Stm32f091cb Stm32f091cb Firmware Stm32f091cc Stm32f091cc Firmware Stm32f091rb Stm32f091rb Firmware Stm32f091rc Stm32f091rc Firmware Stm32f091vb Stm32f091vb Firmware Stm32f091vc Stm32f091vc Firmware Stm32f098cc Stm32f098cc Firmware Stm32f098rc Stm32f098rc Firmware Stm32f098vc Stm32f098vc Firmware

Configuration 1 [-]

AND

cpe:2.3:o:st:stm32f071rb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f071rb:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:st:stm32f071v8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f071v8:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:st:stm32f071vb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f071vb:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:st:stm32f072c8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f072c8:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:st:stm32f072cb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f072cb:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:st:stm32f072r8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f072r8:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:st:stm32f072rb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f072rb:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:st:stm32f072v8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f072v8:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:st:stm32f072vb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f072vb:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:st:stm32f078cb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f078cb:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:st:stm32f078rb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f078rb:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:st:stm32f078vb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f078vb:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:st:stm32f091cb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f091cb:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:st:stm32f091cc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f091cc:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:st:stm32f091rb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f091rb:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:st:stm32f091rc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f091rc:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:st:stm32f091vb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f091vb:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:st:stm32f091vc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f091vc:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:st:stm32f098cc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f098cc:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:st:stm32f098rc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f098rc:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:st:stm32f098vc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f098vc:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:st:stm32f070c6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f070c6:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:st:stm32f070cb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f070cb:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:st:stm32f070f6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f070f6:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:st:stm32f070rb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f070rb:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:st:stm32f071c8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f071c8:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:st:stm32f071cb_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f071cb:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:st:stm32f051t8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f051t8:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:st:stm32f058c8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f058c8:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:st:stm32f058r8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f058r8:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:st:stm32f058t8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f058t8:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:st:stm32f070c6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f070c6:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:st:stm32f051k4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f051k4:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:st:stm32f051k6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f051k6:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:st:stm32f051k8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f051k8:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:st:stm32f051r4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f051r4:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:st:stm32f051r6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f051r6:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:st:stm32f051r8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f051r8:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:st:stm32f042t6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f042t6:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:st:stm32f048c6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f048c6:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:st:stm32f048g6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f048g6:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:st:stm32f048t6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f048t6:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:st:stm32f051c4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f051c4:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:st:stm32f051c6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f051c6:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:st:stm32f051c8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f051c8:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:st:stm32f042f4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f042f4:-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:st:stm32f042f6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f042f6:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:st:stm32f042g4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f042g4:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND

cpe:2.3:o:st:stm32f042g6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f042g6:-:*:*:*:*:*:*:*

Configuration 50 [-]

AND

cpe:2.3:o:st:stm32f042k4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f042k4:-:*:*:*:*:*:*:*

Configuration 51 [-]

AND

cpe:2.3:o:st:stm32f042k6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f042k6:-:*:*:*:*:*:*:*

Configuration 52 [-]

AND

cpe:2.3:o:st:stm32f038c6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f038c6:-:*:*:*:*:*:*:*

Configuration 53 [-]

AND

cpe:2.3:o:st:stm32f038e6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f038e6:-:*:*:*:*:*:*:*

Configuration 54 [-]

AND

cpe:2.3:o:st:stm32f038f6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f038f6:-:*:*:*:*:*:*:*

Configuration 55 [-]

AND

cpe:2.3:o:st:stm32f038g6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f038g6:-:*:*:*:*:*:*:*

Configuration 56 [-]

AND

cpe:2.3:o:st:stm32f038k6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f038k6:-:*:*:*:*:*:*:*

Configuration 57 [-]

AND

cpe:2.3:o:st:stm32f042c4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f042c4:-:*:*:*:*:*:*:*

Configuration 58 [-]

AND

cpe:2.3:o:st:stm32f042c6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f042c6:-:*:*:*:*:*:*:*

Configuration 59 [-]

AND

cpe:2.3:o:st:stm32f031e6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f031e6:-:*:*:*:*:*:*:*

Configuration 60 [-]

AND

cpe:2.3:o:st:stm32f031f4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f031f4:-:*:*:*:*:*:*:*

Configuration 61 [-]

AND

cpe:2.3:o:st:stm32f031f6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f031f6:-:*:*:*:*:*:*:*

Configuration 62 [-]

AND

cpe:2.3:o:st:stm32f031g4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f031g4:-:*:*:*:*:*:*:*

Configuration 63 [-]

AND

cpe:2.3:o:st:stm32f031g6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f031g6:-:*:*:*:*:*:*:*

Configuration 64 [-]

AND

cpe:2.3:o:st:stm32f031k4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f031k4:-:*:*:*:*:*:*:*

Configuration 65 [-]

AND

cpe:2.3:o:st:stm32f030f4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f030f4:-:*:*:*:*:*:*:*

Configuration 66 [-]

AND

cpe:2.3:o:st:stm32f030k6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f030k6:-:*:*:*:*:*:*:*

Configuration 67 [-]

AND

cpe:2.3:o:st:stm32f030r8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f030r8:-:*:*:*:*:*:*:*

Configuration 68 [-]

AND

cpe:2.3:o:st:stm32f030rc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f030rc:-:*:*:*:*:*:*:*

Configuration 69 [-]

AND

cpe:2.3:o:st:stm32f031c4_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f031c4:-:*:*:*:*:*:*:*

Configuration 70 [-]

AND

cpe:2.3:o:st:stm32f031c6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f031c6:-:*:*:*:*:*:*:*

Configuration 71 [-]

AND

cpe:2.3:o:st:stm32f030c6_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f030c6:-:*:*:*:*:*:*:*

Configuration 72 [-]

AND

cpe:2.3:o:st:stm32f030c8_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f030c8:-:*:*:*:*:*:*:*

Configuration 73 [-]

AND

cpe:2.3:o:st:stm32f030cc_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32f030cc:-:*:*:*:*:*:*:*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2017-9472	Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug (SWD) commands because there is a race condition between full initialization of the SWD interface and the setup of flash protection.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-cracked-on-stm32
https://www.aisec.fraunhofer.de/en/FirmwareProtection.html
https://www.usenix.org/conference/woot17/workshop-program/presentation/obermaier

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-09-12T15:00:00Z

Updated: 2024-09-17T01:36:16.947Z

Reserved: 2018-09-12T00:00:00Z

Link: CVE-2017-18347

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-09-12T15:29:00.233

Modified: 2024-11-21T03:19:53.833

Link: CVE-2017-18347

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object