Stmicroelectronics · Stm32F0 · CVE-2017-18347
Name of the Vulnerable Software and Affected Versions:
STMicroelectronics STM32F0 series devices (affected versions not specified)
Description:
The issue is related to incorrect access control in RDP Level 1, which allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug (SWD) commands. This is due to a race condition between the full initialization of the SWD interface and the setup of flash protection.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.