CVE-2017-7932 (GCVE-0-2017-7932)
Vulnerability from cvelistv5
Published
2017-08-07 08:00
Modified
2024-08-05 16:19
Severity ?
CWE
Summary
An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image.
References
Impacted products
Vendor Product Version
n/a NXP i.MX Product Family Version: NXP i.MX Product Family
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:19:29.197Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02"
          },
          {
            "name": "99966",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99966"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "NXP i.MX Product Family",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "NXP i.MX Product Family"
            }
          ]
        }
      ],
      "datePublic": "2017-08-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T09:57:02",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02"
        },
        {
          "name": "99966",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99966"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-7932",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "NXP i.MX Product Family",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "NXP i.MX Product Family"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-295"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02"
            },
            {
              "name": "99966",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99966"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2017-7932",
    "datePublished": "2017-08-07T08:00:00",
    "dateReserved": "2017-04-18T00:00:00",
    "dateUpdated": "2024-08-05T16:19:29.197Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-7932\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2017-08-07T08:29:00.307\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema de validaci\u00f3n incorrecta de certificados en NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, y i.MX 6QuadPlus. Cuando el dispositivo est\u00e1 configurado con opciones de seguridad habilitadas, bajo algunas condiciones es posible eludir la verificaci\u00f3n de firma utilizando un certificado especialmente manipulado que lleva a la ejecuci\u00f3n de una imagen sin firmar.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H\",\"baseScore\":6.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"PHYSICAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.5,\"impactScore\":5.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":4.4,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"ics-cert@hq.dhs.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf30nn151cku26_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82ABEF1B-6B93-48B5-B34B-1D155EC55ED8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf30nn151cku26:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70A93AF1-F85B-43AC-8D9B-98E47B6B001E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf30ns151cku26_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4B81B61-456E-4359-AD6B-2317376AB24C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf30ns151cku26:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"61D98873-7A8C-449D-A044-B05887A890E2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf50nn151cmk40_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D26C9279-3069-4093-BA96-2CB70AEDD2F0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf50nn151cmk40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C674A05-5443-402D-B508-62EF31AD15BD\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf50nn151cmk50_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB5C139B-A4DC-414C-B278-ED4E5F5492C5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf50nn151cmk50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F14598B-FD3C-4CFC-8DBE-FC1EA733731C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf50ns151cmk40_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F1A6ACE-A4B5-48DE-ACE4-DF50A928DE3D\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf50ns151cmk40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49CA505E-6B28-41C9-93B0-7406F489BDB0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf50ns151cmk50_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78300258-A011-4920-B39C-7B8C0412C921\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf50ns151cmk50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8C271C7-E84F-4BF8-AB80-9934BB0A5FCA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf51nn151cmk50_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40BA42E1-0931-4ECC-8A90-8485D6071158\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf51nn151cmk50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A843151-9A62-4515-A82A-E798DD89EFF0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf51ns151cmk50_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E296D84B-F3E5-4FBE-AA21-E8FDFB12F448\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf51ns151cmk50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2DD4EB6-9AC7-40AD-BFE2-EE9AB100F666\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf60nn151cmk40_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87DBF157-B729-4FE0-87E2-075C6154CCA7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf60nn151cmk40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DD55202-ABCF-4B87-963D-476507A721FB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf60ns151cmk40_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE02CB27-F9E9-46EC-8D66-93482390B6FB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf60ns151cmk40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AD1ACEE-674D-4ECF-BDA5-A371B57DF38F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf60nn151cmk50_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"902E393B-EDC6-4814-B712-C218BED08866\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf60nn151cmk50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7ADF82AB-BC34-4CE0-B5E6-9AB40241FFD6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf60ns151cmk50_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBEE62D2-1F7D-4083-BB14-0BFA6B8F5A8B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf60ns151cmk50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E87BB6B2-BB8B-4264-90F3-EE2E7B63F73B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf61nn151cmk50_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42B4DE7F-2141-4954-8A5A-1CA9FC61CA01\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf61nn151cmk50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A401CC61-AB8A-4AC4-B50B-4953660E9CD0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf61ns151cmk50_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"881A99E8-BC43-4C28-A394-83171519F1C2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf61ns151cmk50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7921E65C-2824-446A-8BC3-563A68808270\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:vybrid_mvf62nn151cmk40_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24B3ABED-465D-4897-9EC4-3E6AF1A7519A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:vybrid_mvf62nn151cmk40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D1A0B17-65C1-44AF-A686-04FBFB5C1AE7\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_50_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F523DEA-C0B0-4268-9F6A-E48282A32A8C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA014971-DCCC-4B8D-8653-DD3A158B8A1A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_53_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14B5CAEA-5120-4089-8E31-0BC959EFF849\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_53:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0496E7EB-4D37-4333-A854-A8D45B8A86D8\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_6ull_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3CF45AD7-B959-452C-81CB-FD9A40D11378\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_6ull:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2CD0D2A-C1A5-4771-ADAB-70375BF06670\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_6ultralite_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D3ECF45-3884-4AEF-B26E-72DA6E43F49A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_6ultralite:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06A59F6D-0000-4E82-8F16-BC9BC946A7B0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_6sololite_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25507E5C-FCAC-46E1-A90F-B9AE7D554F76\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_6sololite:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C42AF58-A53F-4307-A381-CD1A511F4569\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_6solo_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA76C3C4-0030-4C52-BCDE-D4D963C2B511\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_6solo:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A69747C-AE47-4219-8892-461341151E6C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_6duallite_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28AF0906-B8CE-40FE-BEE0-03A814C55B0B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_6duallite:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F40FEC3-EBBC-4B1D-9677-23B3A6D89B91\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_6solox_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BCB98D4-51CD-45AB-8C5D-79989A083946\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_6solox:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71631A11-FB49-4335-BB1B-47EB9061F47B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_6dual_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"042E76C8-94AD-4F30-AFDC-D6E4C3F49FF0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_6dual:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"74D9AB2D-303F-4C16-A584-0812DE52C7EF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_6quad_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A062D5CA-B204-4209-A398-343E191A4AE3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_6quad:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2C69EB9-C38F-41AF-B1A6-0E7BB841BA58\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_6quadplus_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF0BC58B-DFD5-465A-AB3D-724DD05B6199\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_6quadplus:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"623866FF-4E6B-48F8-B601-09AB288294D1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_6dualplus_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77688E97-E680-445E-B291-CEABBF0AC460\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_6dualplus:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB41F948-3B57-4462-9FF5-890FBD038E66\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_28_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87A416B6-B9A4-4408-8848-214E8947FB78\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_28:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCEECEEB-834C-4A3C-B907-92836250CC80\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_7dual_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"079CC43E-F536-4C7A-BB92-DA2B0C051680\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_7dual:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4F7AFD4-FE4A-4D1F-9944-BF67D77E8E5D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:nxp:i.mx_7solo_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7206B367-4736-4045-8468-C39A41A8435C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:nxp:i.mx_7solo:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63F78E63-D311-4D82-A0CE-5A756D469396\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/99966\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/99966\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\",\"VDB Entry\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.