CVE-2019-14237

On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the effect of code/instruction execution.
References
Link Resource
https://www.usenix.org/system/files/woot19-paper_schink.pdf Exploit Mitigation Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:nxp:kinetis_kv1x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:kinetis_kv1x:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:nxp:kinetis_kv3x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:kinetis_kv3x:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:nxp:kinetis_k8x_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:nxp:kinetis_k8x:-:*:*:*:*:*:*:*

Information

Published : 2019-09-12 11:15

Updated : 2019-09-16 11:27


NVD link : CVE-2019-14237

Mitre link : CVE-2019-14237


JSON object : View

CWE
CWE-863

Incorrect Authorization

Advertisement

dedicated server usa

Products Affected

nxp

  • kinetis_kv3x_firmware
  • kinetis_kv3x
  • kinetis_kv1x
  • kinetis_k8x_firmware
  • kinetis_k8x
  • kinetis_kv1x_firmware