QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2017-7932

Back to search

CVE-2017-7932

Published: Aug 7, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image.

VendorProductVersions

n/a

NXP i.MX Product Family

affected
NXP i.MX Product Family

Weaknesses (CWE)

CWE-295

References

99966
vdb-entry
x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now