Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered on Renesas SmartBond DA14691, DA14695, DA14697, and DA14699 devices. The bootrom function responsible for validating the Flash Product Header directly uses a user-controllable size value (Length of Flash Config Section) to control a read from the QSPI device into a fixed sized buffer, resulting in a buffer overflow and execution of arbitrary code.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Renesas产品 安全漏洞
Vulnerability Description
Renesas SmartBond DA14691等都是日本瑞萨(Renesas)公司的一款无线连接多核微控制器单元(MCU)。 多款Renesas产品存在安全漏洞,该漏洞源于负责验证Flash产品标头的bootrom函数直接使用用户可控制的大小值,可能导致缓冲区溢出并执行任意代码。以下产品受到影响:SmartBond DA14691、DA14695、DA14697和DA14699。
CVSS Information
N/A
Vulnerability Type
N/A