CVSS: 9.8EPSS: 1%CPEs: 12EXPL: 1CVE-2019-14236
https://notcve.org/view.php?id=CVE-2019-14236
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated by observing CPU registers and the effect of code/instruction execution. En los dispositivos STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7 y STM32H7, Proprietary Code Read Out Protection (PCROP) (un método de protección IP de software) puede ser superado observando los registros de la CPU y el efecto de la ejecución de código e instrucción. • https://www.usenix.org/system/files/woot19-paper_schink.pdf • CWE-863: Incorrect Authorization •
CVSS: 4.9EPSS: 0%CPEs: 146EXPL: 2CVE-2017-18347
https://notcve.org/view.php?id=CVE-2017-18347
Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug (SWD) commands because there is a race condition between full initialization of the SWD interface and the setup of flash protection. Control de acceso incorrecto en RDP Level 1 en productos STMicroelectronics, serie STM32F0, permite que atacantes físicamente presentes extraigan el firmware protegido del dispositivo mediante una secuencia especial de comandos SWD (Serial Wire Debug) debido a que hay una condición de carrera entre la inicialización completa de la interfaz SWD y la instalación de la protección flash. • https://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-cracked-on-stm32 https://www.aisec.fraunhofer.de/en/FirmwareProtection.html https://www.usenix.org/conference/woot17/workshop-program/presentation/obermaier • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2017-16224
https://notcve.org/view.php?id=CVE-2017-16224
st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 (redirect) to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a proper redirect as // is translated into the current schema being used. Mitigating factor: In order for this to work, st must be serving from the root of a server (/) rather than the typical sub directory (/static/) and the redirect URL will end with some form of URL encoded .. ("%2e%2e", "%2e. • https://github.com/ossf-cve-benchmark/CVE-2017-16224 https://nodesecurity.io/advisories/547 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0392
https://notcve.org/view.php?id=CVE-2003-0392
Directory traversal vulnerability in ST FTP Service 3.0 allows remote attackers to list arbitrary directories via a CD command with a DoS drive letter argument (e.g. E:). Vulnerabilidad de atravesamiento de directorios en el ST FTP Service 3.0 permite a atacantes remotos listar directorios arbitrarios mediante un comando CD con un argumento de letra de unidad de DOS (por ejemplo E:) • http://marc.info/?l=bugtraq&m=105372353017778&w=2 •