On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the effect of code/instruction execution.
References
Link | Resource |
---|---|
https://www.usenix.org/system/files/woot19-paper_schink.pdf | Exploit Mitigation Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Information
Published : 2019-09-12 11:15
Updated : 2019-09-16 11:27
NVD link : CVE-2019-14237
Mitre link : CVE-2019-14237
JSON object : View
CWE
CWE-863
Incorrect Authorization
Products Affected
nxp
- kinetis_kv3x_firmware
- kinetis_kv3x
- kinetis_kv1x
- kinetis_k8x_firmware
- kinetis_k8x
- kinetis_kv1x_firmware