Vulnerabilities > ST > Stm32L4 Firmware

DATE CVE VULNERABILITY TITLE RISK
2019-09-24 CVE-2019-14238 Improper Authentication vulnerability in ST products
On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated with a debug probe via the Instruction Tightly Coupled Memory (ITCM) bus.
low complexity
st CWE-287
6.6
2019-09-12 CVE-2019-14236 Incorrect Authorization vulnerability in ST products
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated by observing CPU registers and the effect of code/instruction execution.
network
low complexity
st CWE-863
critical
9.8