Описание
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the effect of code/instruction execution.
Ссылки
- ExploitMitigationThird Party Advisory
- ExploitMitigationThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:nxp:kinetis_kv1x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:kinetis_kv1x:-:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:nxp:kinetis_kv3x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:kinetis_kv3x:-:*:*:*:*:*:*:*
Конфигурация 3
Одновременно
cpe:2.3:o:nxp:kinetis_k8x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:kinetis_k8x:-:*:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.00935
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the effect of code/instruction execution.
EPSS
Процентиль: 76%
0.00935
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-863