Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A timing side channel was discovered in AT91bootstrap before 3.9.2. It can be exploited by attackers with physical access to forge CMAC values and subsequently boot arbitrary code on an affected system.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microchip AT91bootstrap 安全漏洞
Vulnerability Description
Microchip AT91bootstrap是美国柏通(Microchip)的二级引导加载程序。它提供了一组算法来管理硬件初始化,例如时钟速度配置、PIO 设置、DRAM 初始化,从指定的启动介质下载您的主要应用程序:NAND FLASH、串行 FLASH(DataFlash 的 AT25 兼容)、串行 EEPROM、 SD 卡等到主存储器并启动它。 Microchip AT91bootstrap 3.9.2版本之前存在安全漏洞,攻击者可以利用该漏洞来伪造CMAC值,然后在受影响的系统上启动任意代码。
CVSS Information
N/A
Vulnerability Type
N/A