Lucene search

MitreCVE-2021-31532

HistoryMay 06, 2021 - 1:15 p.m.

CVE-2021-31532

2021-05-0613:15:12

mitre

web.nvd.nist.gov

cve-2021-31532

nxp

lpc55s6x

i.mx rt500

i.mx rt600

microcontrollers

rom patch

vulnerability

security

nvd

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

44.2%

JSON

NXP LPC55S6x microcontrollers (0A and 1B), i.MX RT500 (silicon rev B1 and B2), i.MX RT600 (silicon rev A0, B0), LPC55S6x, LPC55S2x, LPC552x (silicon rev 0A, 1B), LPC55S1x, LPC551x (silicon rev 0A) and LPC55S0x, LPC550x (silicon rev 0A) include an undocumented ROM patch peripheral that allows unsigned, non-persistent modification of the internal ROM.

Affected configurations

Nvd

Node

nxplpc55s69jbd100Match0a

nxplpc55s69jbd100Match1b

AND

nxplpc55s69jbd100_firmwareMatch-

Node

nxplpc55s66jbd100Match0a

nxplpc55s66jbd100Match1b

AND

nxplpc55s66jbd100_firmwareMatch-

Node

nxplpc55s69jev98Match0a

nxplpc55s69jev98Match1b

AND

nxplpc55s69jev98_firmwareMatch-

Node

nxplpcs66jev98Match0a

nxplpcs66jev98Match1b

AND

nxplpcs66jev98_firmwareMatch-

Node

nxplpc55s69jbd64Match0a

nxplpc55s69jbd64Match1b

AND

nxplpc55s69jbd64_firmwareMatch-

Node

nxplpcs66jbd64Match0a

nxplpcs66jbd64Match1b

AND

nxplpcs66jbd64_firmwareMatch-

Node

nxpi.mx_rt500Matchb1

nxpi.mx_rt500Matchb2

AND

nxpi.mx_rt500_firmwareMatch-

Node

nxpi.mx_rt600Matcha0

nxpi.mx_rt600Matchb0

AND

nxpi.mx_rt600_firmwareMatch-

Node

nxplpc55s28_firmwareMatch-

AND

nxplpc55s28Match0a

nxplpc55s28Match1b

Node

nxplpc55s26_firmwareMatch-

AND

nxplpc55s26Match0a

nxplpc55s26Match1b

Node

nxplpc5528_firmwareMatch-

AND

nxplpc5528Match0a

nxplpc5528Match1b

Node

nxplpc5526_firmwareMatch-

AND

nxplpc5526Match0a

nxplpc5526Match1b

Node

nxplpc55s16jbd100_firmwareMatch-

AND

nxplpc55s16jbd100Match0a

Node

nxplpc55s16jev98_firmwareMatch-

AND

nxplpc55s16jev98Match0a

Node

nxplpc55s16jbd64_firmwareMatch-

AND

nxplpc55s16jbd64Match0a

Node

nxplpc55s14jbd100_firmwareMatch-

AND

nxplpc55s14jbd100Match0a

Node

nxplpc55s14jbd64_firmwareMatch-

AND

nxplpc55s14jbd64Match0a

Node

nxplpc5516jbd100_firmwareMatch-

AND

nxplpc5516jbd100Match0a

Node

nxplpc5516jev98_firmwareMatch-

AND

nxplpc5516jev98Match0a

Node

nxplpc5516jbd64_firmwareMatch-

AND

nxplpc5516jbd64Match0a

Node

nxplpc5514jbd100_firmwareMatch-

AND

nxplpc5514jbd100Match0a

Node

nxplpc5514jbd64_firmwareMatch-

AND

nxplpc5514jbd64Match0a

Node

nxplpc5512jbd100_firmwareMatch-

AND

nxplpc5512jbd100Match0a

Node

nxplpc5512jbd64_firmwareMatch-

AND

nxplpc5512jbd64Match0a

VendorProductVersionCPE
nxplpc55s69jbd1000acpe:2.3:h:nxp:lpc55s69jbd100:0a:*:*:*:*:*:*:*
nxplpc55s69jbd1001bcpe:2.3:h:nxp:lpc55s69jbd100:1b:*:*:*:*:*:*:*
nxplpc55s69jbd100_firmware-cpe:2.3:o:nxp:lpc55s69jbd100_firmware:-:*:*:*:*:*:*:*
nxplpc55s66jbd1000acpe:2.3:h:nxp:lpc55s66jbd100:0a:*:*:*:*:*:*:*
nxplpc55s66jbd1001bcpe:2.3:h:nxp:lpc55s66jbd100:1b:*:*:*:*:*:*:*
nxplpc55s66jbd100_firmware-cpe:2.3:o:nxp:lpc55s66jbd100_firmware:-:*:*:*:*:*:*:*
nxplpc55s69jev980acpe:2.3:h:nxp:lpc55s69jev98:0a:*:*:*:*:*:*:*
nxplpc55s69jev981bcpe:2.3:h:nxp:lpc55s69jev98:1b:*:*:*:*:*:*:*
nxplpc55s69jev98_firmware-cpe:2.3:o:nxp:lpc55s69jev98_firmware:-:*:*:*:*:*:*:*
nxplpcs66jev980acpe:2.3:h:nxp:lpcs66jev98:0a:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nxp	lpc55s69jbd100	0a	cpe:2.3:h:nxp:lpc55s69jbd100:0a:::::::*
nxp	lpc55s69jbd100	1b	cpe:2.3:h:nxp:lpc55s69jbd100:1b:::::::*
nxp	lpc55s69jbd100_firmware	-	cpe:2.3:o:nxp:lpc55s69jbd100_firmware:-:::::::*
nxp	lpc55s66jbd100	0a	cpe:2.3:h:nxp:lpc55s66jbd100:0a:::::::*
nxp	lpc55s66jbd100	1b	cpe:2.3:h:nxp:lpc55s66jbd100:1b:::::::*
nxp	lpc55s66jbd100_firmware	-	cpe:2.3:o:nxp:lpc55s66jbd100_firmware:-:::::::*
nxp	lpc55s69jev98	0a	cpe:2.3:h:nxp:lpc55s69jev98:0a:::::::*
nxp	lpc55s69jev98	1b	cpe:2.3:h:nxp:lpc55s69jev98:1b:::::::*
nxp	lpc55s69jev98_firmware	-	cpe:2.3:o:nxp:lpc55s69jev98_firmware:-:::::::*
nxp	lpcs66jev98	0a	cpe:2.3:h:nxp:lpcs66jev98:0a:::::::*

Rows per page:

1-10 of 601

References

oxide.computer/blog/lpc55/

www.nxp.com

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

6.8

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

44.2%

JSON

Related for CVE-2021-31532