Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-7932

An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image.

Published

2017-08-07T08:29:00.307

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 6.0 (MEDIUM)

CVSSv2 Vector

AV:L/AC:M/Au:N/C:P/I:P/A:P

  • Access Vector: LOCAL
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

3.4

Impact Score

6.4

Weaknesses
  • Type: Secondary
    CWE-295
  • Type: Primary
    CWE-295
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System nxp vybrid_mvf30nn151cku26_firmware - Yes
Hardware nxp vybrid_mvf30nn151cku26 - No
Operating System nxp vybrid_mvf30ns151cku26_firmware - Yes
Hardware nxp vybrid_mvf30ns151cku26 - No
Operating System nxp vybrid_mvf50nn151cmk40_firmware - Yes
Hardware nxp vybrid_mvf50nn151cmk40 - No
Operating System nxp vybrid_mvf50nn151cmk50_firmware - Yes
Hardware nxp vybrid_mvf50nn151cmk50 - No
Operating System nxp vybrid_mvf50ns151cmk40_firmware - Yes
Hardware nxp vybrid_mvf50ns151cmk40 - No
Operating System nxp vybrid_mvf50ns151cmk50_firmware - Yes
Hardware nxp vybrid_mvf50ns151cmk50 - No
Operating System nxp vybrid_mvf51nn151cmk50_firmware - Yes
Hardware nxp vybrid_mvf51nn151cmk50 - No
Operating System nxp vybrid_mvf51ns151cmk50_firmware - Yes
Hardware nxp vybrid_mvf51ns151cmk50 - No
Operating System nxp vybrid_mvf60nn151cmk40_firmware - Yes
Hardware nxp vybrid_mvf60nn151cmk40 - No
Operating System nxp vybrid_mvf60ns151cmk40_firmware - Yes
Hardware nxp vybrid_mvf60ns151cmk40 - No
Operating System nxp vybrid_mvf60nn151cmk50_firmware - Yes
Hardware nxp vybrid_mvf60nn151cmk50 - No
Operating System nxp vybrid_mvf60ns151cmk50_firmware - Yes
Hardware nxp vybrid_mvf60ns151cmk50 - No
Operating System nxp vybrid_mvf61nn151cmk50_firmware - Yes
Hardware nxp vybrid_mvf61nn151cmk50 - No
Operating System nxp vybrid_mvf61ns151cmk50_firmware - Yes
Hardware nxp vybrid_mvf61ns151cmk50 - No
Operating System nxp vybrid_mvf62nn151cmk40_firmware - Yes
Hardware nxp vybrid_mvf62nn151cmk40 - No
Operating System nxp i.mx_50_firmware - Yes
Hardware nxp i.mx_50 - No
Operating System nxp i.mx_53_firmware - Yes
Hardware nxp i.mx_53 - No
Operating System nxp i.mx_6ull_firmware - Yes
Hardware nxp i.mx_6ull - No
Operating System nxp i.mx_6ultralite_firmware - Yes
Hardware nxp i.mx_6ultralite - No
Operating System nxp i.mx_6sololite_firmware - Yes
Hardware nxp i.mx_6sololite - No
Operating System nxp i.mx_6solo_firmware - Yes
Hardware nxp i.mx_6solo - No
Operating System nxp i.mx_6duallite_firmware - Yes
Hardware nxp i.mx_6duallite - No
Operating System nxp i.mx_6solox_firmware - Yes
Hardware nxp i.mx_6solox - No
Operating System nxp i.mx_6dual_firmware - Yes
Hardware nxp i.mx_6dual - No
Operating System nxp i.mx_6quad_firmware - Yes
Hardware nxp i.mx_6quad - No
Operating System nxp i.mx_6quadplus_firmware - Yes
Hardware nxp i.mx_6quadplus - No
Operating System nxp i.mx_6dualplus_firmware - Yes
Hardware nxp i.mx_6dualplus - No
Operating System nxp i.mx_28_firmware - Yes
Hardware nxp i.mx_28 - No
Operating System nxp i.mx_7dual_firmware - Yes
Hardware nxp i.mx_7dual - No
Operating System nxp i.mx_7solo_firmware - Yes
Hardware nxp i.mx_7solo - No
References