CVE-2021-29414 - Vulnerability Details

STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control.

No CVSS v4.0

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.0015.

Key SSVC decision points have not yet been added.

Vendors	Products
St Subscribe	Stm32cubel4 Firmware Subscribe Stm32l412c8 Subscribe Stm32l412cb Subscribe Stm32l412k8 Subscribe Stm32l412kb Subscribe Stm32l412r8 Subscribe Stm32l412rb Subscribe Stm32l412t8 Subscribe Stm32l412tb Subscribe Stm32l422cb Subscribe Stm32l422kb Subscribe Stm32l422rb Subscribe Stm32l422tb Subscribe Stm32l431cb Subscribe Stm32l431cc Subscribe Stm32l431kb Subscribe Stm32l431kc Subscribe Stm32l431rb Subscribe Stm32l431rc Subscribe Stm32l431vc Subscribe Stm32l432kb Subscribe Stm32l432kc Subscribe Stm32l433cb Subscribe Stm32l433cc Subscribe Stm32l433rb Subscribe Stm32l433rc Subscribe Stm32l433vc Subscribe Stm32l442kc Subscribe Stm32l443cc Subscribe Stm32l443rc Subscribe Stm32l443vc Subscribe Stm32l451cc Subscribe Stm32l451ce Subscribe Stm32l451rc Subscribe Stm32l451re Subscribe Stm32l451vc Subscribe Stm32l451ve Subscribe Stm32l452cc Subscribe Stm32l452ce Subscribe Stm32l452rc Subscribe Stm32l452re Subscribe Stm32l452vc Subscribe Stm32l452ve Subscribe Stm32l462ce Subscribe Stm32l462re Subscribe Stm32l462ve Subscribe Stm32l471qe Subscribe Stm32l471qg Subscribe Stm32l471re Subscribe Stm32l471rg Subscribe Stm32l471ve Subscribe Stm32l471vg Subscribe Stm32l471ze Subscribe Stm32l471zg Subscribe Stm32l475rc Subscribe Stm32l475re Subscribe Stm32l475rg Subscribe Stm32l475vc Subscribe Stm32l475ve Subscribe Stm32l475vg Subscribe Stm32l476je Subscribe Stm32l476jg Subscribe Stm32l476me Subscribe Stm32l476mg Subscribe Stm32l476qe Subscribe Stm32l476qg Subscribe Stm32l476rc Subscribe Stm32l476re Subscribe Stm32l476rg Subscribe Stm32l476vc Subscribe Stm32l476ve Subscribe Stm32l476vg Subscribe Stm32l476ze Subscribe Stm32l476zg Subscribe Stm32l486jg Subscribe Stm32l486qg Subscribe Stm32l486rg Subscribe Stm32l486vg Subscribe Stm32l486zg Subscribe Stm32l496ae Subscribe Stm32l496ag Subscribe Stm32l496qe Subscribe Stm32l496qg Subscribe Stm32l496re Subscribe Stm32l496rg Subscribe Stm32l496ve Subscribe Stm32l496vg Subscribe Stm32l496wg Subscribe Stm32l496ze Subscribe Stm32l496zg Subscribe Stm32l4a6ag Subscribe Stm32l4a6qg Subscribe Stm32l4a6rg Subscribe Stm32l4a6vg Subscribe Stm32l4a6zg Subscribe

Configuration 1 [-]

AND

cpe:2.3:o:st:stm32cubel4_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:st:stm32l412c8:-:::::::*
	cpe:2.3:h:st:stm32l412cb:-:::::::*
	cpe:2.3:h:st:stm32l412k8:-:::::::*
	cpe:2.3:h:st:stm32l412kb:-:::::::*
	cpe:2.3:h:st:stm32l412r8:-:::::::*
	cpe:2.3:h:st:stm32l412rb:-:::::::*
	cpe:2.3:h:st:stm32l412t8:-:::::::*
	cpe:2.3:h:st:stm32l412tb:-:::::::*
	cpe:2.3:h:st:stm32l422cb:-:::::::*
	cpe:2.3:h:st:stm32l422kb:-:::::::*
	cpe:2.3:h:st:stm32l422rb:-:::::::*
	cpe:2.3:h:st:stm32l422tb:-:::::::*
	cpe:2.3:h:st:stm32l431cb:-:::::::*
	cpe:2.3:h:st:stm32l431cc:-:::::::*
	cpe:2.3:h:st:stm32l431kb:-:::::::*
	cpe:2.3:h:st:stm32l431kc:-:::::::*
	cpe:2.3:h:st:stm32l431rb:-:::::::*
	cpe:2.3:h:st:stm32l431rc:-:::::::*
	cpe:2.3:h:st:stm32l431vc:-:::::::*
	cpe:2.3:h:st:stm32l432kb:-:::::::*
	cpe:2.3:h:st:stm32l432kc:-:::::::*
	cpe:2.3:h:st:stm32l433cb:-:::::::*
	cpe:2.3:h:st:stm32l433cc:-:::::::*
	cpe:2.3:h:st:stm32l433rb:-:::::::*
	cpe:2.3:h:st:stm32l433rc:-:::::::*
	cpe:2.3:h:st:stm32l433vc:-:::::::*
	cpe:2.3:h:st:stm32l442kc:-:::::::*
	cpe:2.3:h:st:stm32l443cc:-:::::::*
	cpe:2.3:h:st:stm32l443rc:-:::::::*
	cpe:2.3:h:st:stm32l443vc:-:::::::*
	cpe:2.3:h:st:stm32l451cc:-:::::::*
	cpe:2.3:h:st:stm32l451ce:-:::::::*
	cpe:2.3:h:st:stm32l451rc:-:::::::*
	cpe:2.3:h:st:stm32l451re:-:::::::*
	cpe:2.3:h:st:stm32l451vc:-:::::::*
	cpe:2.3:h:st:stm32l451ve:-:::::::*
	cpe:2.3:h:st:stm32l452cc:-:::::::*
	cpe:2.3:h:st:stm32l452ce:-:::::::*
	cpe:2.3:h:st:stm32l452rc:-:::::::*
	cpe:2.3:h:st:stm32l452re:-:::::::*
	cpe:2.3:h:st:stm32l452vc:-:::::::*
	cpe:2.3:h:st:stm32l452ve:-:::::::*
	cpe:2.3:h:st:stm32l462ce:-:::::::*
	cpe:2.3:h:st:stm32l462re:-:::::::*
	cpe:2.3:h:st:stm32l462ve:-:::::::*
	cpe:2.3:h:st:stm32l471qe:-:::::::*
	cpe:2.3:h:st:stm32l471qg:-:::::::*
	cpe:2.3:h:st:stm32l471re:-:::::::*
	cpe:2.3:h:st:stm32l471rg:-:::::::*
	cpe:2.3:h:st:stm32l471ve:-:::::::*
	cpe:2.3:h:st:stm32l471vg:-:::::::*
	cpe:2.3:h:st:stm32l471ze:-:::::::*
	cpe:2.3:h:st:stm32l471zg:-:::::::*
	cpe:2.3:h:st:stm32l475rc:-:::::::*
	cpe:2.3:h:st:stm32l475re:-:::::::*
	cpe:2.3:h:st:stm32l475rg:-:::::::*
	cpe:2.3:h:st:stm32l475vc:-:::::::*
	cpe:2.3:h:st:stm32l475ve:-:::::::*
	cpe:2.3:h:st:stm32l475vg:-:::::::*
	cpe:2.3:h:st:stm32l476je:-:::::::*
	cpe:2.3:h:st:stm32l476jg:-:::::::*
	cpe:2.3:h:st:stm32l476me:-:::::::*
	cpe:2.3:h:st:stm32l476mg:-:::::::*
	cpe:2.3:h:st:stm32l476qe:-:::::::*
cpe:2.3:h:st:stm32l476qg:-:::::::*
cpe:2.3:h:st:stm32l476rc:-:::::::*
cpe:2.3:h:st:stm32l476re:-:::::::*
cpe:2.3:h:st:stm32l476rg:-:::::::*
cpe:2.3:h:st:stm32l476vc:-:::::::*
cpe:2.3:h:st:stm32l476ve:-:::::::*
cpe:2.3:h:st:stm32l476vg:-:::::::*
cpe:2.3:h:st:stm32l476ze:-:::::::*
cpe:2.3:h:st:stm32l476zg:-:::::::*
cpe:2.3:h:st:stm32l486jg:-:::::::*
cpe:2.3:h:st:stm32l486qg:-:::::::*
cpe:2.3:h:st:stm32l486rg:-:::::::*
cpe:2.3:h:st:stm32l486vg:-:::::::*
cpe:2.3:h:st:stm32l486zg:-:::::::*
cpe:2.3:h:st:stm32l496ae:-:::::::*
cpe:2.3:h:st:stm32l496ag:-:::::::*
cpe:2.3:h:st:stm32l496qe:-:::::::*
cpe:2.3:h:st:stm32l496qg:-:::::::*
cpe:2.3:h:st:stm32l496re:-:::::::*
cpe:2.3:h:st:stm32l496rg:-:::::::*
cpe:2.3:h:st:stm32l496ve:-:::::::*
cpe:2.3:h:st:stm32l496vg:-:::::::*
cpe:2.3:h:st:stm32l496wg:-:::::::*
cpe:2.3:h:st:stm32l496ze:-:::::::*
cpe:2.3:h:st:stm32l496zg:-:::::::*
cpe:2.3:h:st:stm32l4a6ag:-:::::::*
cpe:2.3:h:st:stm32l4a6qg:-:::::::*
cpe:2.3:h:st:stm32l4a6rg:-:::::::*
cpe:2.3:h:st:stm32l4a6vg:-:::::::*
cpe:2.3:h:st:stm32l4a6zg:-:::::::*

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2021-16049	STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://eprint.iacr.org/2021/640
https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html
https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-05-21T11:38:34

Updated: 2024-08-03T22:02:51.868Z

Reserved: 2021-03-29T00:00:00

Link: CVE-2021-29414

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-05-21T12:15:07.923

Modified: 2024-11-21T06:01:03.067

Link: CVE-2021-29414

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-74

Metrics

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Projects

Metrics

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object