CVE-2024-4760

Published: May 16, 2024

Modified: Jun 6, 2025

PUBLISHED

CVSS v3.1

6.3

MEDIUM

Description

A voltage glitch during the startup of EEFC NVM controllers on Microchip SAM E70/S70/V70/V71, SAM G55, SAM 4C/4S/4N/4E, and SAM 3S/3N/3U microcontrollers allows access to the memory bus via the debug interface even if the security bit is set.

Vendor	Product	Versions
Microchip	SAME70	affected `0`
Microchip	SAMS70	affected `0`
Microchip	SAMV70	affected `0`
Microchip	SAMV71	affected `0`
Microchip	SAMG55	affected `0`
Microchip	SAM4C	affected `0`
Microchip	SAM4S	affected `0`
Microchip	SAM4N	affected `0`
Microchip	SAM4E	affected `0`
Microchip	SAM3S	affected `0`
Microchip	SAM3N	affected `0`
Microchip	SAM3U	affected `0`

Weaknesses (CWE)

CWE-1247

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Physical

Attack Complexity

High

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

https://www.0x01team.com/hw_security/bypassing-microchip-atmel-sam-e70-s70-v70-v71-security/

technical-description

exploit

https://ww1.microchip.com/downloads/aemDocuments/documents/MCU32/ProductDocuments/SupportingCollateral/Security-Advisory-CVE-2024-4760.pdf

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-4760

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References