Laura Abbott

**Name of the Vulnerable Software and Affected Versions** NXP LPC55S66JBD64 version 1B NXP LPC55S66JBD100 version 1B NXP LPC55S66JEV98 version 1B NXP LPC55S69JBD64 version 1B NXP LPC55S69JBD100 version 1B NXP LPC55S69JEV98 version 1B **Description** The issue is related to a buffer overflow in parsing SB2 updates before the signature is verified. This can allow an attacker to achieve non-persistent code execution via a crafted unsigned update. **Recommendations** For NXP LPC55S66JBD64 version 1B, consider disabling SB2 update parsing until a patch is available. For NXP LPC55S66JBD100 version 1B, consider disabling SB2 update parsing until a patch is available. For NXP LPC55S66JEV98 version 1B, consider disabling SB2 update parsing until a patch is available. For NXP LPC55S69JBD64 version 1B, consider disabling SB2 update parsing until a patch is available. For NXP LPC55S69JBD100 version 1B, consider disabling SB2 update parsing until a patch is available. For NXP LPC55S69JEV98 version 1B, consider disabling SB2 update parsing until a patch is available.