CVE-2017-7932

Name of the Vulnerable Software and Affected Versions NXP i.MX 28 NXP i.MX 50 NXP i.MX 53 NXP i.MX 7Solo NXP i.MX 7Dual NXP Vybrid VF3xx NXP Vybrid VF5xx NXP Vybrid VF6xx NXP i.MX 6ULL NXP i.MX 6UltraLite NXP i.MX 6SoloLite NXP i.MX 6Solo NXP i.MX 6DualLite NXP i.MX 6SoloX NXP i.MX 6Dual NXP i.MX 6Quad NXP i.MX 6DualPlus NXP i.MX 6QuadPlus

Description An issue with improper certificate validation was found. When the device is set up with security enabled, it is possible to bypass signature verification using a specially crafted certificate. This could lead to the execution of an unsigned image under certain conditions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.