CVE-2017-7936
Severity Score
6.3
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid VF6xx. When the device is configured in security enabled configuration, SDP could be used to download a small section of code to an unprotected region of memory.
Se ha descubierto un error de desbordamiento de búfer basado en pila en NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, y Vybrid VF6xx. Cuando el dispositivo está configurado con opciones con seguridad habilitadas, se podría utilizar SDP para descargar una pequeña sección de código en una parte desprotegida de memoria.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-04-18 CVE Reserved
- 2017-08-07 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-121: Stack-based Buffer Overflow
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/99966 | Third Party Advisory | |
| https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Nxp Search vendor "Nxp" | Vybrid Mvf30nn151cku26 Firmware Search vendor "Nxp" for product "Vybrid Mvf30nn151cku26 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf30nn151cku26 Search vendor "Nxp" for product "Vybrid Mvf30nn151cku26" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | Vybrid Mvf30ns151cku26 Firmware Search vendor "Nxp" for product "Vybrid Mvf30ns151cku26 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf30ns151cku26 Search vendor "Nxp" for product "Vybrid Mvf30ns151cku26" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | Vybrid Mvf50nn151cmk40 Firmware Search vendor "Nxp" for product "Vybrid Mvf50nn151cmk40 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf50nn151cmk40 Search vendor "Nxp" for product "Vybrid Mvf50nn151cmk40" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | Vybrid Mvf50nn151cmk50 Firmware Search vendor "Nxp" for product "Vybrid Mvf50nn151cmk50 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf50nn151cmk50 Search vendor "Nxp" for product "Vybrid Mvf50nn151cmk50" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | Vybrid Mvf50ns151cmk40 Firmware Search vendor "Nxp" for product "Vybrid Mvf50ns151cmk40 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf50ns151cmk40 Search vendor "Nxp" for product "Vybrid Mvf50ns151cmk40" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | Vybrid Mvf50ns151cmk50 Firmware Search vendor "Nxp" for product "Vybrid Mvf50ns151cmk50 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf50ns151cmk50 Search vendor "Nxp" for product "Vybrid Mvf50ns151cmk50" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | Vybrid Mvf51nn151cmk50 Firmware Search vendor "Nxp" for product "Vybrid Mvf51nn151cmk50 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf51nn151cmk50 Search vendor "Nxp" for product "Vybrid Mvf51nn151cmk50" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | Vybrid Mvf51ns151cmk50 Firmware Search vendor "Nxp" for product "Vybrid Mvf51ns151cmk50 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf51ns151cmk50 Search vendor "Nxp" for product "Vybrid Mvf51ns151cmk50" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | Vybrid Mvf60nn151cmk40 Firmware Search vendor "Nxp" for product "Vybrid Mvf60nn151cmk40 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf60nn151cmk40 Search vendor "Nxp" for product "Vybrid Mvf60nn151cmk40" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | Vybrid Mvf60ns151cmk40 Firmware Search vendor "Nxp" for product "Vybrid Mvf60ns151cmk40 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf60ns151cmk40 Search vendor "Nxp" for product "Vybrid Mvf60ns151cmk40" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | Vybrid Mvf60nn151cmk50 Firmware Search vendor "Nxp" for product "Vybrid Mvf60nn151cmk50 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf60nn151cmk50 Search vendor "Nxp" for product "Vybrid Mvf60nn151cmk50" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | Vybrid Mvf60ns151cmk50 Firmware Search vendor "Nxp" for product "Vybrid Mvf60ns151cmk50 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf60ns151cmk50 Search vendor "Nxp" for product "Vybrid Mvf60ns151cmk50" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | Vybrid Mvf61nn151cmk50 Firmware Search vendor "Nxp" for product "Vybrid Mvf61nn151cmk50 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf61nn151cmk50 Search vendor "Nxp" for product "Vybrid Mvf61nn151cmk50" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | Vybrid Mvf61ns151cmk50 Firmware Search vendor "Nxp" for product "Vybrid Mvf61ns151cmk50 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf61ns151cmk50 Search vendor "Nxp" for product "Vybrid Mvf61ns151cmk50" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | Vybrid Mvf62nn151cmk40 Firmware Search vendor "Nxp" for product "Vybrid Mvf62nn151cmk40 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | Vybrid Mvf62nn151cmk40 Search vendor "Nxp" for product "Vybrid Mvf62nn151cmk40" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | I.mx 50 Firmware Search vendor "Nxp" for product "I.mx 50 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | I.mx 50 Search vendor "Nxp" for product "I.mx 50" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | I.mx 53 Firmware Search vendor "Nxp" for product "I.mx 53 Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | I.mx 53 Search vendor "Nxp" for product "I.mx 53" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | I.mx 6ull Firmware Search vendor "Nxp" for product "I.mx 6ull Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | I.mx 6ull Search vendor "Nxp" for product "I.mx 6ull" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | I.mx 6ultralite Firmware Search vendor "Nxp" for product "I.mx 6ultralite Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | I.mx 6ultralite Search vendor "Nxp" for product "I.mx 6ultralite" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | I.mx 6sololite Firmware Search vendor "Nxp" for product "I.mx 6sololite Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | I.mx 6sololite Search vendor "Nxp" for product "I.mx 6sololite" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | I.mx 6solo Firmware Search vendor "Nxp" for product "I.mx 6solo Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | I.mx 6solo Search vendor "Nxp" for product "I.mx 6solo" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | I.mx 6duallite Firmware Search vendor "Nxp" for product "I.mx 6duallite Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | I.mx 6duallite Search vendor "Nxp" for product "I.mx 6duallite" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | I.mx 6solox Firmware Search vendor "Nxp" for product "I.mx 6solox Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | I.mx 6solox Search vendor "Nxp" for product "I.mx 6solox" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | I.mx 6dual Firmware Search vendor "Nxp" for product "I.mx 6dual Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | I.mx 6dual Search vendor "Nxp" for product "I.mx 6dual" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | I.mx 6quad Firmware Search vendor "Nxp" for product "I.mx 6quad Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | I.mx 6quad Search vendor "Nxp" for product "I.mx 6quad" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | I.mx 6quadplus Firmware Search vendor "Nxp" for product "I.mx 6quadplus Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | I.mx 6quadplus Search vendor "Nxp" for product "I.mx 6quadplus" | - | - |
Safe
|
| Nxp Search vendor "Nxp" | I.mx 6dualplus Firmware Search vendor "Nxp" for product "I.mx 6dualplus Firmware" | - | - |
Affected
| in | Nxp Search vendor "Nxp" | I.mx 6dualplus Search vendor "Nxp" for product "I.mx 6dualplus" | - | - |
Safe
|