Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeA_ReceiveBytes buffer overflow in the X-CUBE-SAFEA1 Software Package for STSAFE-A sample applications (1.2.0), and thus can affect user-written code that was derived from a published sample application.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
STMicroelectronics STSAFE-A1xx 安全漏洞
Vulnerability Description
STMicroelectronics STSAFE-A1xx是瑞士意法半导体(STMicroelectronics)公司的一个中间件。 STMicroelectronics STSAFE-A1xx 3.3.7 之前版本存在安全漏洞,该漏洞源于X-CUBE-SAFEA1 软件包中的 StSafeA_ReceiveBytes 存在缓冲区溢出,如果攻击者能够读取和写入 I2C 总线,则可以执行 MCU 代码。
CVSS Information
N/A
Vulnerability Type
N/A