CWE
295
Advisory Published
Updated

CVE-2017-7932

First published: Mon Aug 07 2017(Updated: )

An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image.

Credit: ics-cert@hq.dhs.gov

Affected SoftwareAffected VersionHow to fix
Nxp Vybrid Mvf30nn151cku26 Firmware
Nxp Vybrid Mvf30nn151cku26
Nxp Vybrid Mvf30ns151cku26 Firmware
Nxp Vybrid Mvf30ns151cku26
Nxp Vybrid Mvf50nn151cmk40 Firmware
Nxp Vybrid Mvf50nn151cmk40
Nxp Vybrid Mvf50nn151cmk50 Firmware
Nxp Vybrid Mvf50nn151cmk50
Nxp Vybrid Mvf50ns151cmk40 Firmware
Nxp Vybrid Mvf50ns151cmk40
Nxp Vybrid Mvf50ns151cmk50 Firmware
Nxp Vybrid Mvf50ns151cmk50
Nxp Vybrid Mvf51nn151cmk50 Firmware
Nxp Vybrid Mvf51nn151cmk50
Nxp Vybrid Mvf51ns151cmk50 Firmware
Nxp Vybrid Mvf51ns151cmk50
Nxp Vybrid Mvf60nn151cmk40 Firmware
Nxp Vybrid Mvf60nn151cmk40
Nxp Vybrid Mvf60ns151cmk40 Firmware
Nxp Vybrid Mvf60ns151cmk40
Nxp Vybrid Mvf60nn151cmk50 Firmware
Nxp Vybrid Mvf60nn151cmk50
Nxp Vybrid Mvf60ns151cmk50 Firmware
Nxp Vybrid Mvf60ns151cmk50
Nxp Vybrid Mvf61nn151cmk50 Firmware
Nxp Vybrid Mvf61nn151cmk50
Nxp Vybrid Mvf61ns151cmk50 Firmware
Nxp Vybrid Mvf61ns151cmk50
Nxp Vybrid Mvf62nn151cmk40 Firmware
Nxp Vybrid Mvf62nn151cmk40
Nxp I.mx 50 Firmware
NXP i.MX 50
Nxp I.mx 53 Firmware
Nxp I.mx 53
Nxp I.mx 6ull Firmware
Nxp I.mx 6ull
Nxp I.mx 6ultralite Firmware
Nxp I.mx 6ultralite
Nxp I.mx 6sololite Firmware
Nxp I.mx 6sololite
Nxp I.mx 6solo Firmware
Nxp I.mx 6solo
Nxp I.mx 6duallite Firmware
Nxp I.mx 6duallite
Nxp I.mx 6solox Firmware
Nxp I.mx 6solox
Nxp I.mx 6dual Firmware
Nxp I.mx 6dual
Nxp I.mx 6quad Firmware
Nxp I.mx 6quad
Nxp I.mx 6quadplus Firmware
Nxp I.mx 6quadplus
Nxp I.mx 6dualplus Firmware
Nxp I.mx 6dualplus
Nxp I.mx 28 Firmware
NXP i.MX 28
Nxp I.mx 7dual Firmware
Nxp I.mx 7dual
Nxp I.mx 7solo Firmware
Nxp I.mx 7solo

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203