var-201807-0270
Vulnerability from variot
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption (i.e., setting the configuration parameter CONFIG_ENV_AES=y) read environment variables from disk as the encrypted disk image is processed. An attacker with physical access to the device can manipulate the encrypted environment data to include a crafted two-byte sequence which triggers an error in environment variable parsing. This error condition is improperly handled by Das U-Boot, resulting in an immediate process termination with a debugging message. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector and improper handling of an error condition may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data. Das U-Boot of AES-CBC Multiple vulnerabilities exist in cryptographic implementations. Das U-Boot of AES-CBC Multiple vulnerabilities exist in the encryption implementation: CBC The initialization vector value used in the mode is not random (CWE-329) - CVE-2017-3225 Das U-Boot of AES-CBC In encryption, the value of the initialization vector 0 using. The attacker Das U-Boot Information may be obtained by performing a dictionary attack on the encrypted data created in. As a result, an attacker could decrypt the content on your device or possibly tamper with it.An attacker with access to the device may be able to decrypt the content on the device. An attacker can exploit these issues to gain access to sensitive information or may perform certain unauthorized actions; this may lead to further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201807-0270",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "u-boot",
"scope": "lt",
"trust": 1.0,
"vendor": "denx",
"version": "2017.09"
},
{
"model": "u-boot",
"scope": null,
"trust": 0.8,
"vendor": "denx engineering",
"version": null
},
{
"model": "das u-boot",
"scope": "eq",
"trust": 0.3,
"vendor": "u boot",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "100675"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010588"
},
{
"db": "NVD",
"id": "CVE-2017-3226"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:denx:u-boot",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010588"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Allan Xavier",
"sources": [
{
"db": "BID",
"id": "100675"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-517"
}
],
"trust": 0.9
},
"cve": "CVE-2017-3226",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.4,
"id": "CVE-2017-3226",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Local",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 5.6,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2017-010588",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.5,
"id": "CVE-2017-3226",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Physical",
"author": "IPA",
"availabilityImpact": "None",
"baseScore": 5.7,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-010588",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-3226",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "IPA",
"id": "JVNDB-2017-010588",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201709-517",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010588"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-517"
},
{
"db": "NVD",
"id": "CVE-2017-3226"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot\u0027s AES-CBC encryption feature using environment encryption (i.e., setting the configuration parameter CONFIG_ENV_AES=y) read environment variables from disk as the encrypted disk image is processed. An attacker with physical access to the device can manipulate the encrypted environment data to include a crafted two-byte sequence which triggers an error in environment variable parsing. This error condition is improperly handled by Das U-Boot, resulting in an immediate process termination with a debugging message. For devices utilizing this environment encryption mode, U-Boot\u0027s use of a zero initialization vector and improper handling of an error condition may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data. Das U-Boot of AES-CBC Multiple vulnerabilities exist in cryptographic implementations. Das U-Boot of AES-CBC Multiple vulnerabilities exist in the encryption implementation: CBC The initialization vector value used in the mode is not random (CWE-329) - CVE-2017-3225 Das U-Boot of AES-CBC In encryption, the value of the initialization vector 0 using. The attacker Das U-Boot Information may be obtained by performing a dictionary attack on the encrypted data created in. As a result, an attacker could decrypt the content on your device or possibly tamper with it.An attacker with access to the device may be able to decrypt the content on the device. \nAn attacker can exploit these issues to gain access to sensitive information or may perform certain unauthorized actions; this may lead to further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3226"
},
{
"db": "CERT/CC",
"id": "VU#166743"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010588"
},
{
"db": "BID",
"id": "100675"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#166743",
"trust": 3.5
},
{
"db": "NVD",
"id": "CVE-2017-3226",
"trust": 2.7
},
{
"db": "BID",
"id": "100675",
"trust": 1.9
},
{
"db": "JVN",
"id": "JVNVU96769287",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010588",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201709-517",
"trust": 0.6
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#166743"
},
{
"db": "BID",
"id": "100675"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010588"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-517"
},
{
"db": "NVD",
"id": "CVE-2017-3226"
}
]
},
"id": "VAR-201807-0270",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.26666668
},
"last_update_date": "2024-11-23T22:26:17.354000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "env: Migrate CONFIG_ENV_AES to Kconfig and deprecate",
"trust": 0.8,
"url": "http://git.denx.de/?p=u-boot.git;a=commit;h=5eb35220b2cbeac79af8d73c696f5930a755c5bd"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010588"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-329",
"trust": 1.8
},
{
"problemtype": "CWE-310",
"trust": 1.0
},
{
"problemtype": "CWE-208",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-010588"
},
{
"db": "NVD",
"id": "CVE-2017-3226"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.7,
"url": "https://www.kb.cert.org/vuls/id/166743"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/100675"
},
{
"trust": 0.8,
"url": "https://cwe.mitre.org/data/definitions/208.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/329.html"
},
{
"trust": 0.8,
"url": "http://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2017-444.htm"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3225"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3226"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96769287/index.html"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3225"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3226"
},
{
"trust": 0.3,
"url": "https://www.denx.de/wiki/u-boot/webhome"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#166743"
},
{
"db": "BID",
"id": "100675"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010588"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-517"
},
{
"db": "NVD",
"id": "CVE-2017-3226"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#166743"
},
{
"db": "BID",
"id": "100675"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-010588"
},
{
"db": "CNNVD",
"id": "CNNVD-201709-517"
},
{
"db": "NVD",
"id": "CVE-2017-3226"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-08T00:00:00",
"db": "CERT/CC",
"id": "VU#166743"
},
{
"date": "2017-09-08T00:00:00",
"db": "BID",
"id": "100675"
},
{
"date": "2017-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010588"
},
{
"date": "2017-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-517"
},
{
"date": "2018-07-24T15:29:00.983000",
"db": "NVD",
"id": "CVE-2017-3226"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-10-12T00:00:00",
"db": "CERT/CC",
"id": "VU#166743"
},
{
"date": "2017-09-08T00:00:00",
"db": "BID",
"id": "100675"
},
{
"date": "2019-07-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-010588"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201709-517"
},
{
"date": "2024-11-21T03:25:04.597000",
"db": "NVD",
"id": "CVE-2017-3226"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-517"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Das U-Boot AES-CBC encryption implementation contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#166743"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201709-517"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.