• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeA_ReceiveBytes buffer overflow in the X-CUBE-SAFEA1 Software Package for STSAFE-A sample applications (1.2.0), and thus can affect user-written code that was derived from a published sample application.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
MITRE Corporation
Date Record Created
20231204 Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20231204)
Votes (Legacy)
Comments (Legacy)
Proposed (Legacy)
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.