CVE-2022-45163

Name of the Vulnerable Software and Affected Versions NXP i.MX RT 1010 NXP i.MX RT 1015 NXP i.MX RT 1020 NXP i.MX RT 1050 NXP i.MX RT 1060 NXP i.MX 6 Family NXP i.MX 7Dual/Solo NXP i.MX 7ULP NXP i.MX 8M Quad NXP i.MX 8M Mini NXP Vybrid

Description An information-disclosure issue exists on select NXP devices when configured in Serial Download Protocol (SDP) mode. In a device security-enabled configuration, memory contents could potentially leak to physically proximate attackers via the respective SDP port in cold and warm boot attacks.

Recommendations For all affected NXP devices, completely disable the SDP mode by programming a one-time programmable eFUSE to mitigate the issue. Customers can contact NXP for additional information.