CVSS: 5.9EPSS: 0%CPEs: 22EXPL: 0CVE-2020-20949
https://notcve.org/view.php?id=CVE-2020-20949
20 Jan 2021 — Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library software expansion for STM32Cube (UM1924). The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the vulnerable library, resulting in remote information disclosure. El ataque de Bleichenbacher en el relleno PKCS #1 v1.5 para RSA en la expansión del software de la biblioteca de firmware criptográfico STM32 para STM3... • http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2020-13466
https://notcve.org/view.php?id=CVE-2020-13466
31 Aug 2020 — STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration. Los dispositivos STMicroelectronics STM32F103 versiones hasta el 20-05-2020, permiten a atacantes físicos ejecutar código arbitrario por medio de un fallo de alimentación y una configuración de unidad patch/breakpoint flash específica • https://www.usenix.org/system/files/woot20-paper-obermaier.pdf •
CVSS: 7.5EPSS: 4%CPEs: 2EXPL: 2CVE-2020-8004
https://notcve.org/view.php?id=CVE-2020-8004
06 Apr 2020 — STMicroelectronics STM32F1 devices have Incorrect Access Control. Los dispositivos STMicroelectronics STM32F1, presentan un Control de Acceso Incorrecto. • https://github.com/wuxx/CVE-2020-8004 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2019-19192
https://notcve.org/view.php?id=CVE-2019-19192
12 Feb 2020 — The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices does not properly handle consecutive Attribute Protocol (ATT) requests on reception, allowing attackers in radio range to cause an event deadlock or crash via crafted packets. La implementación de Bluetooth Low Energy en STMicroelectronics BLE Stack versiones hasta 1.3.1 para dispositivos STM32WB5x no maneja apropiadamente las peticiones consecutivas de Attribute Protocol (ATT) en la recepción, lo que... • https://asset-group.github.io/disclosures/sweyntooth • CWE-20: Improper Input Validation •
CVSS: 5.9EPSS: 0%CPEs: 18EXPL: 0CVE-2019-16863
https://notcve.org/view.php?id=CVE-2019-16863
14 Nov 2019 — STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL. Los dispositivos STMicroelectronics ST33TPHF2ESPI TPM antes del 12-09-2019, permiten a atacantes extraer la clave privada ECDSA por medio de un ataque de sincronización de canal lateral porque la multiplicación escalar de ECDSA es manejada inapropiadamente, también se conoce como TPM-FAIL. • http://tpm.fail • CWE-203: Observable Discrepancy CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.6EPSS: 0%CPEs: 12EXPL: 2CVE-2019-14238
https://notcve.org/view.php?id=CVE-2019-14238
24 Sep 2019 — On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory (ITCM) bus. En los dispositivos STMicroelectronics STM32F7, la Proprietary Code Read Out Protection (PCROP) (un método de protección IP de software) puede ser superada con una sonda de depuración por medio del bus Instruction Tightly Coupled Memory (ITCM). • https://www.usenix.org/conference/woot19/presentation/schink • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 1CVE-2019-14236
https://notcve.org/view.php?id=CVE-2019-14236
12 Sep 2019 — On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated by observing CPU registers and the effect of code/instruction execution. En los dispositivos STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7 y STM32H7, Proprietary Code Read Out Protection (PCROP) (un método de protección IP de software) puede ser superado observando los registros de la CPU y el efecto de la ejec... • https://www.usenix.org/system/files/woot19-paper_schink.pdf • CWE-863: Incorrect Authorization •
CVSS: 4.9EPSS: 0%CPEs: 146EXPL: 2CVE-2017-18347
https://notcve.org/view.php?id=CVE-2017-18347
12 Sep 2018 — Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug (SWD) commands because there is a race condition between full initialization of the SWD interface and the setup of flash protection. Control de acceso incorrecto en RDP Level 1 en productos STMicroelectronics, serie STM32F0, permite que atacantes físicamente presentes extraigan el firmware protegido del... • https://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-cracked-on-stm32 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2017-16224
https://notcve.org/view.php?id=CVE-2017-16224
07 Jun 2018 — st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 (redirect) to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a proper redirect as // is translated into the current schema being used. Mitigating factor: In order for this to work, st must be serving from the root of a server (/) rather than the typical sub directory (/static/)... • https://github.com/ossf-cve-benchmark/CVE-2017-16224 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0392
https://notcve.org/view.php?id=CVE-2003-0392
10 Jun 2003 — Directory traversal vulnerability in ST FTP Service 3.0 allows remote attackers to list arbitrary directories via a CD command with a DoS drive letter argument (e.g. E:). Vulnerabilidad de atravesamiento de directorios en el ST FTP Service 3.0 permite a atacantes remotos listar directorios arbitrarios mediante un comando CD con un argumento de letra de unidad de DOS (por ejemplo E:) • http://marc.info/?l=bugtraq&m=105372353017778&w=2 •