CVE-2023-39902

 

  • Severity Score: 7.8 (*CVSS v3.1)
  • Exploit Likelihood: (*EPSS)
  • Affected Versions: (*CPE)
  • Public Exploits: 0 (*Multiple Sources)
  • Exploited in Wild: - (*KEV)
  • Decision: Track* (*SSVC)
Descriptions

A software vulnerability has been identified in the U-Boot Secondary Program Loader (SPL) before 2023.07 on select NXP i.MX 8M family processors. Under certain conditions, a crafted Flattened Image Tree (FIT) format structure can be used to overwrite SPL memory, allowing unauthenticated software to execute on the target, leading to privilege escalation. This affects i.MX 8M, i.MX 8M Mini, i.MX 8M Nano, and i.MX 8M Plus.

*Credits: N/A
CVSS Scores
  • Attack Vector: Local; Attack Complexity: Low; Privileges Required: Low; User Interaction: None; Scope: Unchanged; Confidentiality: High; Integrity: High; Availability: High
  • Attack Vector: Local; Attack Complexity: High; Privileges Required: Low; User Interaction: None; Scope: Unchanged; Confidentiality: High; Integrity: High; Availability: High
  • Attack Vector: Local; Attack Complexity: High; Privileges Required: Low; User Interaction: None; Scope: Unchanged; Confidentiality: High; Integrity: High; Availability: High
* Common Vulnerability Scoring System
SSVC
  • Decision: Track*
  • Exploitation: None
  • Automatable: No
  • Tech. Impact: Total
* Organization's Worst-case Scenario
Timeline
  • 2023-08-07 CVE Reserved
  • 2023-10-17 CVE Published
  • 2023-10-18 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-281: Improper Preservation of Permissions
CAPEC
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
Nxp | Uboot Secondary Program Loader | < 2023.07 | - | Affected
in Nxp | I.mx 8m | -- | Safe
Nxp | Uboot Secondary Program Loader | < 2023.07 | - | Affected
in Nxp | I.mx 8m Mini | -- | Safe
Nxp | Uboot Secondary Program Loader | < 2023.07 | - | Affected
in Nxp | I.mx 8m Nano | -- | Safe
Nxp | Uboot Secondary Program Loader | < 2023.07 | - | Affected
in Nxp | I.mx 8m Plus | -- | Safe