I have a product going to market that uses a stm32l486xx processor. There are two CVEs that apply to this micro, CVE-2021-29414 and CVE-2020-27212. Can anyone tell me what the first CVE means?

Forum|Forum|3 years ago
June 21, 2022
1 reply
1060 views

Also, apparently CVE-2020-27212 means that you can bypass flash readout protection. Is that a correct reading of that CVE? Note that searching both the ST main site and the community site produce no hits for either CVE, and trying to determine the actual impact of either CVE from the NIST sites is difficult because they provide no detailed information.

STM32L4 series

This topic has been closed for replies.

KnarfB

Super User

The first link on the NIST site points you to the article "Security and Trust in Open Source Security Tokens" which describes the attac in great detail.

hth

KnarfB

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded