{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f071rb_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5509D8A9-90F1-4A8B-8609-DC7254130070", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f071rb:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB3C2FB2-6308-45E3-831E-B2F779A886E1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f071v8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9CC1010B-3D2D-405B-9FAF-98F37CA4D510", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f071v8:-:*:*:*:*:*:*:*", "matchCriteriaId": "05D5341B-1D44-44C6-8FA7-05BF066C052B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f071vb_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B9997D6-D64D-4BA7-B127-20B00A13E63A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f071vb:-:*:*:*:*:*:*:*", "matchCriteriaId": "ACD473E0-5E09-4726-A6A3-6715E5945947", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f072c8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4EF3EB0E-8C87-4894-A307-5177E0458739", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f072c8:-:*:*:*:*:*:*:*", "matchCriteriaId": "F655B8F1-B21E-476A-908D-EBA16E4D7B8D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f072cb_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A6FE3842-9E90-4BBE-B14E-51C68CF6B04C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f072cb:-:*:*:*:*:*:*:*", "matchCriteriaId": "6CBFC44D-586E-4B08-90AF-9075B969DDDD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f072r8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "66FF7F8F-DD22-440E-84BB-334035942D2D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f072r8:-:*:*:*:*:*:*:*", "matchCriteriaId": "3DAA5EB5-0464-4935-BB49-FDD2794DB324", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f072rb_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "86D47F34-47E8-4AF2-957A-4938787FF0B7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f072rb:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E1EBA26-B15E-4D52-AD68-AA39BA0BED6B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f072v8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "E04A9CA0-C3DD-42A0-B837-ACEF1474B876", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f072v8:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1D50185-E096-4196-A8F6-3F6DE4A88A07", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f072vb_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "75BC9541-A6F8-4C7C-8928-B9E6616C6981", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f072vb:-:*:*:*:*:*:*:*", "matchCriteriaId": "6B4D7C2E-0694-4009-B044-5F19E20D26AE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f078cb_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "DE3C19F5-A323-4A21-A5B0-7E9C44F175CE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f078cb:-:*:*:*:*:*:*:*", "matchCriteriaId": "3DC45637-2870-483A-A0D6-F5EE3ECE8129", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f078rb_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "9A309559-E88B-4485-A727-E09722471311", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f078rb:-:*:*:*:*:*:*:*", "matchCriteriaId": "FBDDC99E-81C6-4371-AD36-8DDD74E1FF11", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f078vb_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3A1C652E-0587-4023-AB80-E8E1C5DFDBE7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f078vb:-:*:*:*:*:*:*:*", "matchCriteriaId": "78CB03A2-FBE8-4092-B96B-530D55E38F5D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f091cb_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5D9BEF33-5012-4851-BB32-7317E76364DA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f091cb:-:*:*:*:*:*:*:*", "matchCriteriaId": "3854C570-5D65-4185-9FE4-3C0E3FCFC928", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f091cc_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "07279D5B-7190-47F9-A2F1-B15049172412", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f091cc:-:*:*:*:*:*:*:*", "matchCriteriaId": "83ED0B1F-3831-428B-95B2-2DB7F1557977", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f091rb_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FEAE2F6B-707D-4619-B8F8-3CEB8CAB28D7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f091rb:-:*:*:*:*:*:*:*", "matchCriteriaId": "DEF7DB68-02A2-4A33-9C7F-5538643D9D63", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f091rc_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "163232DF-E010-4D70-8C5E-247C65975C57", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f091rc:-:*:*:*:*:*:*:*", "matchCriteriaId": "403C1FAC-E503-4748-ACF9-09B4E49FDDDD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f091vb_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CE64EBE-6325-4586-BA67-344E7AC8189F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f091vb:-:*:*:*:*:*:*:*", "matchCriteriaId": "94FC942C-0D48-46AE-8985-57F73C268C7C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f091vc_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FAFE18D1-C7F5-4CA2-B007-DC3069896E80", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f091vc:-:*:*:*:*:*:*:*", "matchCriteriaId": "3DA685A2-86CE-4AB0-9E88-84B50E1CEB9D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f098cc_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B84C56E7-3F4D-412C-B6B3-FBA7059A6C82", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f098cc:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF6CDF39-5239-40A0-9C56-EAC9D4318A1C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f098rc_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4DAB99B0-E616-4F04-AFC8-1FDC18D6A2E8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f098rc:-:*:*:*:*:*:*:*", "matchCriteriaId": "9851C88C-D3DE-4F74-816D-304D975966BE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f098vc_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "881FDD55-1BDF-4978-A393-D842CB41A322", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f098vc:-:*:*:*:*:*:*:*", "matchCriteriaId": "F0DDD12F-1DA2-4D0C-A40D-EC1B1A376A7F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f070c6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E778F9F-7A39-4FE7-8AF6-2558F9587859", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f070c6:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A682E34-56CA-4AEB-88F2-C2250DB96B97", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f070cb_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "2DF2D955-2A57-4D95-AA25-E6436CE26097", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f070cb:-:*:*:*:*:*:*:*", "matchCriteriaId": "32EF334F-3F94-4F62-B75C-8E4C0424E7EF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f070f6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A6F0583F-8E73-409E-9400-05307EB486C5", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f070f6:-:*:*:*:*:*:*:*", "matchCriteriaId": "51CFF601-FAA4-4311-8735-723EA6DFE843", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f070rb_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6DA1F05-F3D1-4FDF-AB94-A36717776C71", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f070rb:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2B7B4B9-7F40-4186-9BA7-003891222286", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f071c8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "49F420D3-0E17-4AD5-A600-FAD2688CD82E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f071c8:-:*:*:*:*:*:*:*", "matchCriteriaId": "AF8445AD-0008-4A76-B40E-68BDE9AEBDAA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f071cb_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC047AC5-29F6-4C30-A203-32F6050F8055", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f071cb:-:*:*:*:*:*:*:*", "matchCriteriaId": "895177EE-48AF-4AF9-BF4F-EA4C70D2C915", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f051t8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A511A9BF-C9DA-457F-B23F-86B754C39F05", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f051t8:-:*:*:*:*:*:*:*", "matchCriteriaId": "A3BC3D27-3200-42BE-8328-C800C36352A4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f058c8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "ED7706AA-9A60-4581-9575-32E0A071902E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f058c8:-:*:*:*:*:*:*:*", "matchCriteriaId": "12A88BFC-2EBD-494A-9161-912AF9BC5C86", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f058r8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA6CC26D-B49A-4D8A-A382-F8518A810B3D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f058r8:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D39C1E1-D37C-4335-A740-8C3323ECBB48", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f058t8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "8605528E-18BC-42C9-BBFB-213F23E08FA6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f058t8:-:*:*:*:*:*:*:*", "matchCriteriaId": "AEDDC0B6-91CB-489F-A610-716707E87C31", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f070c6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E778F9F-7A39-4FE7-8AF6-2558F9587859", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f070c6:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A682E34-56CA-4AEB-88F2-C2250DB96B97", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f051k4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4C5BCB9-9784-428E-A0AB-7FF8185D2DDE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f051k4:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4176235-C90E-44F4-933E-F26BCFC4E76B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f051k6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3D4510C5-5F95-4DC3-BE91-9B1B5B8EBF20", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f051k6:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F4DF827-1BAC-4A47-BE20-0BEE66D97AA7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f051k8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "40792AAC-0582-4DFA-BE9A-1C8CFE1B2F45", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f051k8:-:*:*:*:*:*:*:*", "matchCriteriaId": "C5D3E77C-1F07-4262-82DF-BE1FD9696B8B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f051r4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "012DBF7D-8560-4A1A-A08A-097BC865925B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f051r4:-:*:*:*:*:*:*:*", "matchCriteriaId": "2EECDEF9-5DB6-4950-B73F-F43D66995F59", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f051r6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "70615138-87BD-4E9F-9960-9F26BB61F1AE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f051r6:-:*:*:*:*:*:*:*", "matchCriteriaId": "83518586-7B47-4835-A73E-1110AED734A8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f051r8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "010E5741-22C1-418B-996F-83C16C3ABAB4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f051r8:-:*:*:*:*:*:*:*", "matchCriteriaId": "4925C5F7-5334-4677-B81C-A9DDF9336467", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f042t6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8E90EB1-31B5-4359-96A8-F3EE10CB0F5C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f042t6:-:*:*:*:*:*:*:*", "matchCriteriaId": "F7123ECA-1D0A-49B0-84DB-6E3E98FC8919", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f048c6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F797567B-0D2C-447F-AF01-7F6685DF5561", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f048c6:-:*:*:*:*:*:*:*", "matchCriteriaId": "193CE88D-7759-410E-83A6-24FE7F68D7EF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f048g6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3A16A88B-0A46-485F-9A67-D15013A6A6E3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f048g6:-:*:*:*:*:*:*:*", "matchCriteriaId": "5AB0E481-45F2-40DD-A624-F6CBBCFC5529", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f048t6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "34563948-F5AD-49ED-B630-68406256F779", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f048t6:-:*:*:*:*:*:*:*", "matchCriteriaId": "F5CBB866-B901-43D2-8DE9-39282F783563", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f051c4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3F374F62-79A3-49D8-8B07-6EE13622E05A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f051c4:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F38061A-F47E-498B-819C-65949A76E559", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f051c6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "6C479195-140D-41BF-917C-7A88D13A4C74", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f051c6:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B910D47-DB2F-4D13-8761-1E8A202A11ED", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f051c8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF28B8A7-42B8-4908-BE62-E91B29E4227B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f051c8:-:*:*:*:*:*:*:*", "matchCriteriaId": "42997AF8-4E4A-42E4-8178-783C8942263D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f042f4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "4411447F-DB71-4CDF-8F18-2708B1038855", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f042f4:-:*:*:*:*:*:*:*", "matchCriteriaId": "0921456A-F7FF-4DD8-A3A6-F9C2B946838C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f042f6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "67BB7054-E3D4-4F37-A49E-76430B1DDC63", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f042f6:-:*:*:*:*:*:*:*", "matchCriteriaId": "2BC05830-A76B-46C6-983E-A0DE922EEAA9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f042g4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "FFCA9D71-F2D7-4E4D-B180-C0273FF5F56E", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f042g4:-:*:*:*:*:*:*:*", "matchCriteriaId": "B94DEAA6-78DA-41D9-A125-F471B85FA9AF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f042g6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B32A470E-F8CD-4D1A-B9F6-36352DE8D35A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f042g6:-:*:*:*:*:*:*:*", "matchCriteriaId": "9B43690C-1EA8-4A2E-93AB-E0A7FBE76BCC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f042k4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "A66BF697-B6AE-4402-BBD9-EA4F0E0B747B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f042k4:-:*:*:*:*:*:*:*", "matchCriteriaId": "47F3B325-997A-4A7B-900B-1D4A4FA7C35A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f042k6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "1C25A621-4ED2-4174-9589-D1A9CBC85F83", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f042k6:-:*:*:*:*:*:*:*", "matchCriteriaId": "23504ADB-4452-490F-A144-8CCDE569CA3F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f038c6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC75636D-7D37-41C9-BE1C-7DE0C3F70791", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f038c6:-:*:*:*:*:*:*:*", "matchCriteriaId": "C850D66F-CA4B-4078-A5C4-8A343710ADE1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f038e6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "C0D21D5D-3624-4054-979E-154948C9D388", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f038e6:-:*:*:*:*:*:*:*", "matchCriteriaId": "D431AC60-716A-4CC5-85AE-3BE7B3A421BE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f038f6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B53F48D4-0A3B-401B-9DCE-9395679F97DE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f038f6:-:*:*:*:*:*:*:*", "matchCriteriaId": "3900982A-06EB-4F2F-A91D-D414622A0B7A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f038g6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "3015D28B-A4BD-4AC2-8A7B-175B543FF320", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f038g6:-:*:*:*:*:*:*:*", "matchCriteriaId": "E51E6B85-BE97-4365-86D9-DE106001DF43", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f038k6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "88C9E10C-3D51-4F06-BD4B-80D548FCABD2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f038k6:-:*:*:*:*:*:*:*", "matchCriteriaId": "4A7A3BCB-F1F3-44AA-933A-598B611FD060", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f042c4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B547890C-16CD-4121-AA09-A83B88E7D4C7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f042c4:-:*:*:*:*:*:*:*", "matchCriteriaId": "6336D349-E7CF-451B-A085-EC9E1F1458B7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f042c6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "38EB0E21-6508-44D8-93EA-FB6FFBBCC0B4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f042c6:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC8344E3-524F-40C0-8884-FFA3C600BC24", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f031e6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "53E3C923-8112-44A1-9F11-0C081BDFBDD2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f031e6:-:*:*:*:*:*:*:*", "matchCriteriaId": "D62CA7EA-D2AB-4C62-8FAC-5E157A58C294", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f031f4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "50520E1E-CFBB-4A17-B62E-17617B3F6788", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f031f4:-:*:*:*:*:*:*:*", "matchCriteriaId": "CFD1DDDF-4B45-434B-B2AD-1E688ACD5069", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f031f6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "EFBCF6E9-CDC2-413A-81F0-877F61BF37B7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f031f6:-:*:*:*:*:*:*:*", "matchCriteriaId": "84D40595-F301-4645-9091-C8F8BC8CB97C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f031g4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "96ED0959-0E85-4805-9CB1-B5BC0B2A25D2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f031g4:-:*:*:*:*:*:*:*", "matchCriteriaId": "D99770A7-F301-48A8-B1D0-6B9DDF1549E8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f031g6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "869D5ED7-1479-4DC9-B1D5-52058A6F15ED", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f031g6:-:*:*:*:*:*:*:*", "matchCriteriaId": "A4C4407E-9995-4186-B435-11336911A46A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f031k4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "40D18840-D242-4CBD-9073-3F64EEBF897A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f031k4:-:*:*:*:*:*:*:*", "matchCriteriaId": "928FEDDD-B9BA-4BC0-8F27-537A2ED31A76", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f030f4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "04F615CF-68A8-4487-AAE9-606EA4635CB7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f030f4:-:*:*:*:*:*:*:*", "matchCriteriaId": "D382F295-975E-4885-8EF8-3D35C8C65BDB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f030k6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "70CE9EC3-EB61-4900-9D65-C36A03DD7C46", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f030k6:-:*:*:*:*:*:*:*", "matchCriteriaId": "07495388-69B7-42AA-8846-5EF1C6F47BB8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f030r8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "409CFEF6-77B6-4371-9C77-683B9501D943", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f030r8:-:*:*:*:*:*:*:*", "matchCriteriaId": "6A59F1F0-B3ED-4E8F-9425-FD7FAC1A6D44", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f030rc_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "D6E61C78-E402-4B4C-B518-837C88DD134B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f030rc:-:*:*:*:*:*:*:*", "matchCriteriaId": "4ADE7E38-8E24-458A-8590-4325693DD828", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f031c4_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2841FB0-3E44-441E-BF90-C330058D981F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f031c4:-:*:*:*:*:*:*:*", "matchCriteriaId": "C1D84B76-6CF4-46D7-9A93-BDD4685A4E84", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f031c6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD7D523C-5970-4F36-BA69-E9717F16B673", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f031c6:-:*:*:*:*:*:*:*", "matchCriteriaId": "2F8F3ED0-4779-45FD-9B9A-0A3C931F47B8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f030c6_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "12A8E329-27BB-4B97-BEE2-A5A5F32914CF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f030c6:-:*:*:*:*:*:*:*", "matchCriteriaId": "66CED26B-188C-4A83-A3D8-DC149F4A4A9D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f030c8_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E6788A3-DFA0-46EE-ADB3-53A6DAD7F353", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f030c8:-:*:*:*:*:*:*:*", "matchCriteriaId": "509F7642-7B18-48B2-B478-324E898EB76C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:st:stm32f030cc_firmware:-:*:*:*:*:*:*:*", "matchCriteriaId": "F492A485-3389-4C42-B53D-DFF92EA6553D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:st:stm32f030cc:-:*:*:*:*:*:*:*", "matchCriteriaId": "54184704-1385-40C7-90E5-8F41E49B401F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to extract the device's protected firmware via a special sequence of Serial Wire Debug (SWD) commands because there is a race condition between full initialization of the SWD interface and the setup of flash protection."}, {"lang": "es", "value": "Control de acceso incorrecto en RDP Level 1 en productos STMicroelectronics, serie STM32F0, permite que atacantes f\u00edsicamente presentes extraigan el firmware protegido del dispositivo mediante una secuencia especial de comandos SWD (Serial Wire Debug) debido a que hay una condici\u00f3n de carrera entre la inicializaci\u00f3n completa de la interfaz SWD y la instalaci\u00f3n de la protecci\u00f3n flash."}], "id": "CVE-2017-18347", "lastModified": "2024-11-21T03:19:53.833", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "
[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 3.6, "source": "
[email protected]", "type": "Primary"}]}, "published": "2018-09-12T15:29:00.233", "references": [{"source": "
[email protected]", "tags": ["Vendor Advisory"], "url": "https://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-cracked-on-stm32"}, {"source": "
[email protected]", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.aisec.fraunhofer.de/en/FirmwareProtection.html"}, {"source": "
[email protected]", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.usenix.org/conference/woot17/workshop-program/presentation/obermaier"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://community.st.com/s/question/0D50X00009Xke7aSAB/readout-protection-cracked-on-stm32"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.aisec.fraunhofer.de/en/FirmwareProtection.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://www.usenix.org/conference/woot17/workshop-program/presentation/obermaier"}], "sourceIdentifier": "
[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "
[email protected]", "type": "Primary"}]}