ID
VAR-E-201707-0324
CVE
| cve_id: | CVE-2017-7936 | Trust: 0.3 |
| cve_id: | CVE-2017-7932 | Trust: 0.3 |
TITLE
Multiple i.MX Products Multiple Local Security Vulnerabilities
Trust: 0.3
DESCRIPTION
Multiple i.MX Products is prone to multiple local security vulnerabilities.
An attacker may exploit these issues to bypass certain security restrictions and perform unauthorized actions or execute arbitrary code within the context of the application. Failed exploit attempts will likely cause a denial-of-service condition.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | nxp | model: | semiconductors vybrid vf5xx | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors vybrid vf3xx | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors mifare ultralight | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors mifare reader components | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors mifare desfire ev1 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors mifare classic | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx 7solo | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx 7dual | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx 6ultralite | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx 6ull | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx 6solox | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx 6sololite | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx 6solo | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx 6quadplus | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx 6quad | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx 6dualplus | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx 6duallite | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx 6dual | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx | scope: | eq | version: | 530 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx | scope: | eq | version: | 500 | Trust: 0.3 |
| vendor: | nxp | model: | semiconductors imx | scope: | eq | version: | 280 | Trust: 0.3 |
EXPLOIT
To exploit some of these issues, an attacker must entice an unsuspecting victim into following a malicious URI or visiting a malicious website.
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Input Validation Error
Trust: 0.3
CREDITS
Quarkslab.
Trust: 0.3
EXTERNAL IDS
| db: | ICS CERT | id: | ICSA-17-152-02 | Trust: 0.3 |
| db: | NVD | id: | CVE-2017-7936 | Trust: 0.3 |
| db: | NVD | id: | CVE-2017-7932 | Trust: 0.3 |
| db: | BID | id: | 99966 | Trust: 0.3 |
REFERENCES
| url: | https://ics-cert.us-cert.gov/advisories/icsa-17-152-02 | Trust: 0.3 |
| url: | http://www.nxp.com/ | Trust: 0.3 |
SOURCES
| db: | BID | id: | 99966 |
LAST UPDATE DATE
2022-07-27T09:58:26.476000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 99966 | date: | 2017-07-26T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 99966 | date: | 2017-07-26T00:00:00 |