CVE-2022-22819
Published Mar 23, 2022
Last updated 3 years ago
Overview
- Description
- NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100, and LPC55S69JEV98 microcontrollers (ROM version 1B) have a buffer overflow in parsing SB2 updates before the signature is verified. This can allow an attacker to achieve non-persistent code execution via a crafted unsigned update.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-120
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:lpc55s66jbd64_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C5709A1-1B83-4DDC-B3DC-336867D318DA"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:lpc55s66jbd64:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "CD4A2DDD-E476-46D6-B715-ABFD2DBC1D88"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:lpc55s66jbd100_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B09DE32B-7CA7-4737-AF06-90B864A50A85"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:lpc55s66jbd100:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A1198FA4-CE4B-4637-B5EF-ED7C7F244DFD"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:lpc55s66jev98_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF7610B9-70B5-451E-ABC6-A447B2AC6FDF"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:lpc55s66jev98:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "26327E81-0B45-4184-B42F-6497F840230D"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:lpc55s69jbd64_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18444119-AF09-496A-A3EF-9417DE557916"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:lpc55s69jbd64:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "785D9828-78BB-43C8-98E9-1AFDD717751F"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:lpc55s69jbd100_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C01C4752-62DA-432C-A802-F9478F06CAAF"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:lpc55s69jbd100:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "3C80F79A-520A-4A03-9D1A-8001DB385DBC"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:nxp:lpc55s69jev98_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25C0290C-529A-42C8-AF2E-B26462E3824C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:nxp:lpc55s69jev98:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D7511FE0-734D-48E4-8F80-06992AE21C76"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]