CVE-2021-40154
6.1
CVSS:3.1/AC:L/AV:L/A:L/C:H/I:N/PR:L/S:U/UI:N
Summary
NXP LPC55S69 devices before A3 have a buffer over-read via a crafted wlength value in a GET Descriptor Configuration request during use of USB In-System Programming (ISP) mode. This discloses protected flash memory.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.darkmatter.ae/xen1thlabs/published-advisories/
- https://github.com/Xen1thLabs-AE/CVE-2021-40154
References
- https://www.darkmatter.ae/xen1thlabs/published-advisories/
- https://github.com/Xen1thLabs-AE/CVE-2021-40154
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.