CVE-2021-29414

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2021-29414
STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control.

6.1 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 5.2

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

3.6 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:L/AC:L/Au:N/C:N/I:P/A:P

Exploitability : 3.9 / Impact : 4.9

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/ Not Applicable
https://eprint.iacr.org/2021/640 Third Party Advisory
https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html Third Party Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:st:stm32cubel4_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:st:stm32l412c8:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l412cb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l412k8:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l412kb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l412r8:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l412rb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l412t8:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l412tb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l422cb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l422kb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l422rb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l422tb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l431cb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l431cc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l431kb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l431kc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l431rb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l431rc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l431vc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l432kb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l432kc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l433cb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l433cc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l433rb:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l433rc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l433vc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l442kc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l443cc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l443rc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l443vc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l451cc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l451ce:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l451rc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l452rc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471qe:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471ze:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l451re:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l451vc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l451ve:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l452cc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l452ce:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l452re:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l452vc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l452ve:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l462ce:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l462re:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l462ve:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471qg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471re:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471rg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471ve:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471vg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l471zg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l475rc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l475re:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l475rg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l475vc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l475ve:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l475vg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476je:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476jg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476me:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476mg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476qe:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476qg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476rc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476re:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476rg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476vc:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476ve:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476vg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476ze:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l476zg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l486jg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l486qg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l486rg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l486vg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496wg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l4a6vg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l486zg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496ae:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496ag:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496qe:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496qg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496re:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496rg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496ve:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496vg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496ze:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l496zg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l4a6ag:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l4a6qg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l4a6rg:-:*:*:*:*:*:*:*
cpe:2.3:h:st:stm32l4a6zg:-:*:*:*:*:*:*:*
Information

Published : 2021-05-21 05:15

Updated : 2021-06-08 11:15

NVD link : CVE-2021-29414

Mitre link : CVE-2021-29414

JSON object : View

CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Advertisement

dedicated server usa
Products Affected

st

  • stm32l412k8
  • stm32l496zg
  • stm32l451ve
  • stm32l496ve
  • stm32l4a6vg
  • stm32l422cb
  • stm32l475vc
  • stm32l452ce
  • stm32l476rc
  • stm32l486qg
  • stm32l422rb
  • stm32l443rc
  • stm32l486vg
  • stm32l422tb
  • stm32l471ve
  • stm32l476qg
  • stm32l431cc
  • stm32l433rc
  • stm32l486rg
  • stm32l496wg
  • stm32l433vc
  • stm32l452re
  • stm32l4a6rg
  • stm32l451re
  • stm32l476ve
  • stm32l496ag
  • stm32l433cb
  • stm32l496qe
  • stm32l476rg
  • stm32l486jg
  • stm32l431kc
  • stm32l412cb
  • stm32l433rb
  • stm32l471zg
  • stm32l443cc
  • stm32l496rg
  • stm32l496qg
  • stm32l471qe
  • stm32l496vg
  • stm32l412c8
  • stm32l462re
  • stm32l451rc
  • stm32l475re
  • stm32l412t8
  • stm32l432kc
  • stm32l431rc
  • stm32l451ce
  • stm32l475rg
  • stm32l432kb
  • stm32l452ve
  • stm32l4a6zg
  • stm32l431kb
  • stm32l496re
  • stm32l462ce
  • stm32l496ze
  • stm32l412rb
  • stm32l452cc
  • stm32l433cc
  • stm32l4a6ag
  • stm32l476vg
  • stm32l475ve
  • stm32l471rg
  • stm32l475vg
  • stm32l422kb
  • stm32l451cc
  • stm32l4a6qg
  • stm32l412r8
  • stm32l476ze
  • stm32l476re
  • stm32l471ze
  • stm32l442kc
  • stm32l475rc
  • stm32l476me
  • stm32l452vc
  • stm32l412tb
  • stm32l451vc
  • stm32l431cb
  • stm32l486zg
  • stm32l443vc
  • stm32l431rb
  • stm32l476je
  • stm32l462ve
  • stm32l476zg
  • stm32l471qg
  • stm32l476mg
  • stm32l471vg
  • stm32l471re
  • stm32l476vc
  • stm32l496ae
  • stm32l431vc
  • stm32cubel4_firmware
  • stm32l452rc
  • stm32l412kb
  • stm32l476jg
  • stm32l476qe