CVE-2019-14238 - OpenCVE

On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory (ITCM) bus.

No CVSS v4.0

Attack Vector Physical

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
St	Stm32f4 Stm32f4 Firmware Stm32f7 Stm32f7 Firmware Stm32h7 Stm32h7 Firmware Stm32l0 Stm32l0 Firmware Stm32l1 Stm32l1 Firmware Stm32l4 Stm32l4 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:st:stm32l0_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:st:stm32l0:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:h:st:stm32l1:-:*:*:*:*:*:*:*

cpe:2.3:o:st:stm32l1_firmware:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:h:st:stm32f4:-:*:*:*:*:*:*:*

cpe:2.3:o:st:stm32f4_firmware:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:h:st:stm32l4:-:*:*:*:*:*:*:*

cpe:2.3:o:st:stm32l4_firmware:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:h:st:stm32f7:-:*:*:*:*:*:*:*

cpe:2.3:o:st:stm32f7_firmware:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:h:st:stm32h7:-:*:*:*:*:*:*:*

cpe:2.3:o:st:stm32h7_firmware:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.usenix.org/conference/woot19/presentation/schink
https://www.usenix.org/system/files/woot19-paper_schink.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-09-24T18:00:20

Updated: 2024-08-05T00:12:43.284Z

Reserved: 2019-07-22T00:00:00

Link: CVE-2019-14238

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-09-24T18:15:10.797

Modified: 2019-09-25T13:32:08.987

Link: CVE-2019-14238

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory (ITCM) bus."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-09-24T18:00:20", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.usenix.org/system/files/woot19-paper_schink.pdf"}, {"tags": ["x_refsource_MISC"], "url": "https://www.usenix.org/conference/woot19/presentation/schink"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-14238", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory (ITCM) bus."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.usenix.org/system/files/woot19-paper_schink.pdf", "refsource": "MISC", "url": "https://www.usenix.org/system/files/woot19-paper_schink.pdf"}, {"name": "https://www.usenix.org/conference/woot19/presentation/schink", "refsource": "MISC", "url": "https://www.usenix.org/conference/woot19/presentation/schink"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T00:12:43.284Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.usenix.org/system/files/woot19-paper_schink.pdf"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.usenix.org/conference/woot19/presentation/schink"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-14238", "datePublished": "2019-09-24T18:00:20", "dateReserved": "2019-07-22T00:00:00", "dateUpdated": "2024-08-05T00:12:43.284Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32l0_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9E8173AA-028B-44C2-81C0-B216289CFFC1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32l0:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB597A37-93DE-445A-BD00-9F5593BEC0FD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32l1:-:*:*:*:*:*:*:*", "matchCriteriaId": "BEDC40CE-9909-4F22-A8BD-1074C89440DA", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32l1_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A6CBFC4A-597C-4CFB-B84C-058E3B1E6D2D", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f4:-:*:*:*:*:*:*:*", "matchCriteriaId": "440D2164-B326-4399-94C2-67705F0046AB", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C862BA8C-8B56-4326-B912-2FDF80549651", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32l4:-:*:*:*:*:*:*:*", "matchCriteriaId": "E10B907C-88E9-402C-96F5-8D30F06CB26C", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32l4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1D00F3B0-486C-4B40-9E10-DCFBFBC5AA98", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f7:-:*:*:*:*:*:*:*", "matchCriteriaId": "8059CBFB-6323-4CC2-979C-1A01433C01A9", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f7_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5EF9C325-7B9D-45F5-9CD0-684B87A82D60", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32h7:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE2F16E8-9CEC-4F15-B6E6-F5006DE30B5F", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32h7_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "0C0FCD79-5A82-40AF-B221-2EF6601D92F2", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory (ITCM) bus."}, {"lang": "es", "value": "En los dispositivos STMicroelectronics STM32F7, la Proprietary Code Read Out Protection (PCROP) (un m\u00e9todo de protecci\u00f3n IP de software) puede ser superada con una sonda de depuraci\u00f3n por medio del bus Instruction Tightly Coupled Memory (ITCM)."}], "id": "CVE-2019-14238", "lastModified": "2019-09-25T13:32:08.987", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-09-24T18:15:10.797", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.usenix.org/conference/woot19/presentation/schink"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://www.usenix.org/system/files/woot19-paper_schink.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}