STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control.

No CVSS v4.0

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.0015.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
n/a n/a affected
Version Status Constraints
n/a affected

Configuration 1 [-]

AND
cpe:2.3:o:st:stm32cubel4_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:st:stm32l412c8:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l412cb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l412k8:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l412kb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l412r8:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l412rb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l412t8:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l412tb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l422cb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l422kb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l422rb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l422tb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l431cb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l431cc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l431kb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l431kc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l431rb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l431rc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l431vc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l432kb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l432kc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l433cb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l433cc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l433rb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l433rc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l433vc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l442kc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l443cc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l443rc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l443vc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l451cc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l451ce:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l451rc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l451re:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l451vc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l451ve:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l452cc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l452ce:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l452rc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l452re:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l452vc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l452ve:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l462ce:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l462re:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l462ve:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471qe:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471qg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471re:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471rg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471ve:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471vg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471ze:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471zg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l475rc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l475re:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l475rg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l475vc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l475ve:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l475vg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476je:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476jg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476me:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476mg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476qe:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476qg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476rc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476re:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476rg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476vc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476ve:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476vg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476ze:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476zg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l486jg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l486qg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l486rg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l486vg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l486zg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496ae:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496ag:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496qe:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496qg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496re:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496rg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496ve:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496vg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496wg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496ze:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496zg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l4a6ag:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l4a6qg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l4a6rg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l4a6vg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l4a6zg:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
St Subscribe
Stm32cubel4 Firmware Subscribe
Stm32l412c8 Subscribe
Stm32l412cb Subscribe
Stm32l412k8 Subscribe
Stm32l412kb Subscribe
Stm32l412r8 Subscribe
Stm32l412rb Subscribe
Stm32l412t8 Subscribe
Stm32l412tb Subscribe
Stm32l422cb Subscribe
Stm32l422kb Subscribe
Stm32l422rb Subscribe
Stm32l422tb Subscribe
Stm32l431cb Subscribe
Stm32l431cc Subscribe
Stm32l431kb Subscribe
Stm32l431kc Subscribe
Stm32l431rb Subscribe
Stm32l431rc Subscribe
Stm32l431vc Subscribe
Stm32l432kb Subscribe
Stm32l432kc Subscribe
Stm32l433cb Subscribe
Stm32l433cc Subscribe
Stm32l433rb Subscribe
Stm32l433rc Subscribe
Stm32l433vc Subscribe
Stm32l442kc Subscribe
Stm32l443cc Subscribe
Stm32l443rc Subscribe
Stm32l443vc Subscribe
Stm32l451cc Subscribe
Stm32l451ce Subscribe
Stm32l451rc Subscribe
Stm32l451re Subscribe
Stm32l451vc Subscribe
Stm32l451ve Subscribe
Stm32l452cc Subscribe
Stm32l452ce Subscribe
Stm32l452rc Subscribe
Stm32l452re Subscribe
Stm32l452vc Subscribe
Stm32l452ve Subscribe
Stm32l462ce Subscribe
Stm32l462re Subscribe
Stm32l462ve Subscribe
Stm32l471qe Subscribe
Stm32l471qg Subscribe
Stm32l471re Subscribe
Stm32l471rg Subscribe
Stm32l471ve Subscribe
Stm32l471vg Subscribe
Stm32l471ze Subscribe
Stm32l471zg Subscribe
Stm32l475rc Subscribe
Stm32l475re Subscribe
Stm32l475rg Subscribe
Stm32l475vc Subscribe
Stm32l475ve Subscribe
Stm32l475vg Subscribe
Stm32l476je Subscribe
Stm32l476jg Subscribe
Stm32l476me Subscribe
Stm32l476mg Subscribe
Stm32l476qe Subscribe
Stm32l476qg Subscribe
Stm32l476rc Subscribe
Stm32l476re Subscribe
Stm32l476rg Subscribe
Stm32l476vc Subscribe
Stm32l476ve Subscribe
Stm32l476vg Subscribe
Stm32l476ze Subscribe
Stm32l476zg Subscribe
Stm32l486jg Subscribe
Stm32l486qg Subscribe
Stm32l486rg Subscribe
Stm32l486vg Subscribe
Stm32l486zg Subscribe
Stm32l496ae Subscribe
Stm32l496ag Subscribe
Stm32l496qe Subscribe
Stm32l496qg Subscribe
Stm32l496re Subscribe
Stm32l496rg Subscribe
Stm32l496ve Subscribe
Stm32l496vg Subscribe
Stm32l496wg Subscribe
Stm32l496ze Subscribe
Stm32l496zg Subscribe
Stm32l4a6ag Subscribe
Stm32l4a6qg Subscribe
Stm32l4a6rg Subscribe
Stm32l4a6vg Subscribe
Stm32l4a6zg Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2021-16049 STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://eprint.iacr.org/2021/640 cve-icon cve-icon
https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html cve-icon cve-icon
https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/ cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-03T22:02:51.868Z

Reserved: 2021-03-29T00:00:00

Link: CVE-2021-29414

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-05-21T12:15:07.923

Modified: 2024-11-21T06:01:03.067

Link: CVE-2021-29414

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses