CVE-2017-18347

Name of the Vulnerable Software and Affected Versions: STMicroelectronics STM32F0 series devices (affected versions not specified)

Description: The issue is related to incorrect access control in RDP Level 1, which allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug (SWD) commands. This is due to a race condition between the full initialization of the SWD interface and the setup of flash protection.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.