Vulnerabilities > CVE-2020-27211 - Information Exposure Through Discrepancy vulnerability in Nordicsemi Nrf52840 Firmware 20201019

047910
CVSS 3.3 - LOW
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE

Summary

Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against physical side channels. The flash read-out protection (APPROTECT) can be bypassed by injecting a fault during the boot phase.

Vulnerable Configurations

Part Description Count
OS
Nordicsemi
2
Hardware
Nordicsemi
1

Common Weakness Enumeration (CWE)