CVE-2017-7936
MEDIUMNXP Vybrid Mvf30nn151cku26 Firmware - Memory Corruption
Title source: ruleDescription
A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid VF6xx. When the device is configured in security enabled configuration, SDP could be used to download a small section of code to an unprotected region of memory.
Scores
CVSS v3
6.3
EPSS
0.0016
EPSS Percentile
36.6%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
CWE-121
Status
published
Products (28)
nxp/vybrid_mvf30nn151cku26_firmware
nxp/vybrid_mvf30ns151cku26_firmware
nxp/vybrid_mvf50nn151cmk40_firmware
nxp/vybrid_mvf50nn151cmk50_firmware
nxp/vybrid_mvf50ns151cmk40_firmware
nxp/vybrid_mvf50ns151cmk50_firmware
nxp/vybrid_mvf51nn151cmk50_firmware
nxp/vybrid_mvf51ns151cmk50_firmware
nxp/vybrid_mvf60nn151cmk40_firmware
nxp/vybrid_mvf60ns151cmk40_firmware
... and 18 more
Published
Aug 07, 2017
Tracked Since
Feb 18, 2026