6.1
MEDIUM
CVE-2021-29414
STMicroelectronics STM32L4 Authentication Bypass Vulnerability
Description

STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control.

INFO

Published Date :

May 21, 2021, 12:15 p.m.

Last Modified :

Nov. 21, 2024, 6:01 a.m.

Source :

[email protected]

Remotely Exploitable :

No

Impact Score :

5.2

Exploitability Score :

0.9
Affected Products

The following products are affected by CVE-2021-29414 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 St stm32cubel4_firmware
2 St stm32l412c8
3 St stm32l412cb
4 St stm32l412k8
5 St stm32l412kb
6 St stm32l412r8
7 St stm32l412rb
8 St stm32l412t8
9 St stm32l412tb
10 St stm32l422cb
11 St stm32l422kb
12 St stm32l422rb
13 St stm32l422tb
14 St stm32l431cb
15 St stm32l431cc
16 St stm32l431kb
17 St stm32l431kc
18 St stm32l431rb
19 St stm32l431rc
20 St stm32l431vc
21 St stm32l432kb
22 St stm32l432kc
23 St stm32l433cb
24 St stm32l433cc
25 St stm32l433rb
26 St stm32l433rc
27 St stm32l433vc
28 St stm32l442kc
29 St stm32l443cc
30 St stm32l443rc
31 St stm32l443vc
32 St stm32l451cc
33 St stm32l451ce
34 St stm32l451rc
35 St stm32l451re
36 St stm32l451vc
37 St stm32l451ve
38 St stm32l452cc
39 St stm32l452ce
40 St stm32l452rc
41 St stm32l452re
42 St stm32l452vc
43 St stm32l452ve
44 St stm32l462ce
45 St stm32l462re
46 St stm32l462ve
47 St stm32l471qe
48 St stm32l471qg
49 St stm32l471re
50 St stm32l471rg
51 St stm32l471ve
52 St stm32l471vg
53 St stm32l471ze
54 St stm32l471zg
55 St stm32l475rc
56 St stm32l475re
57 St stm32l475rg
58 St stm32l475vc
59 St stm32l475ve
60 St stm32l475vg
61 St stm32l476je
62 St stm32l476jg
63 St stm32l476me
64 St stm32l476mg
65 St stm32l476qe
66 St stm32l476qg
67 St stm32l476rc
68 St stm32l476re
69 St stm32l476rg
70 St stm32l476vc
71 St stm32l476ve
72 St stm32l476vg
73 St stm32l476ze
74 St stm32l476zg
75 St stm32l486jg
76 St stm32l486qg
77 St stm32l486rg
78 St stm32l486vg
79 St stm32l486zg
80 St stm32l496ae
81 St stm32l496ag
82 St stm32l496qe
83 St stm32l496qg
84 St stm32l496re
85 St stm32l496rg
86 St stm32l496ve
87 St stm32l496vg
88 St stm32l496wg
89 St stm32l496ze
90 St stm32l496zg
91 St stm32l4a6ag
92 St stm32l4a6qg
93 St stm32l4a6rg
94 St stm32l4a6vg
95 St stm32l4a6zg
: Total Affected Vendor : 1 | Products : 95
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2021-29414.

URL Resource
https://eprint.iacr.org/2021/640 Third Party Advisory
https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html Third Party Advisory
https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/ Not Applicable
https://eprint.iacr.org/2021/640 Third Party Advisory
https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html Third Party Advisory
https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/ Not Applicable

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2021-29414 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2021-29414 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference https://eprint.iacr.org/2021/640
    Added Reference https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html
    Added Reference https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/
  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • Initial Analysis by [email protected]

    Jun. 08, 2021

    Action Type Old Value New Value
    Added CVSS V2 NIST (AV:L/AC:L/Au:N/C:N/I:P/A:P)
    Added CVSS V3.1 NIST AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
    Changed Reference Type https://eprint.iacr.org/2021/640 No Types Assigned https://eprint.iacr.org/2021/640 Third Party Advisory
    Changed Reference Type https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html No Types Assigned https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html Third Party Advisory
    Changed Reference Type https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/ No Types Assigned https://www.sit.fraunhofer.de/en/news-events/downloads-services/cve/ Not Applicable
    Added CWE NIST CWE-74
    Added CPE Configuration AND OR *cpe:2.3:o:st:stm32cubel4_firmware:*:*:*:*:*:*:*:* versions up to (including) 1.17.0 OR cpe:2.3:h:st:stm32l412c8:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l412cb:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l412k8:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l412kb:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l412r8:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l412rb:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l412t8:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l412tb:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l422cb:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l422kb:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l422rb:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l422tb:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l431cb:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l431cc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l431kb:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l431kc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l431rb:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l431rc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l431vc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l432kb:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l432kc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l433cb:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l433cc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l433rb:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l433rc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l433vc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l442kc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l443cc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l443rc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l443vc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l451cc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l451ce:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l451rc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l451re:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l451vc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l451ve:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l452cc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l452ce:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l452rc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l452re:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l452vc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l452ve:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l462ce:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l462re:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l462ve:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l471qe:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l471qg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l471re:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l471rg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l471ve:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l471vg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l471ze:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l471zg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l475rc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l475re:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l475rg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l475vc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l475ve:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l475vg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l476je:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l476jg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l476me:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l476mg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l476qe:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l476qg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l476rc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l476re:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l476rg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l476vc:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l476ve:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l476vg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l476ze:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l476zg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l486jg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l486qg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l486rg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l486vg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l486zg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l496ae:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l496ag:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l496qe:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l496qg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l496re:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l496rg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l496ve:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l496vg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l496wg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l496ze:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l496zg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l4a6ag:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l4a6qg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l4a6rg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l4a6vg:-:*:*:*:*:*:*:* cpe:2.3:h:st:stm32l4a6zg:-:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    May. 26, 2021

    Action Type Old Value New Value
    Added Reference https://eprint.iacr.org/2021/640 [No Types Assigned]
    Added Reference https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html [No Types Assigned]
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2021-29414 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2021-29414 weaknesses.

CAPEC-3: Using Leading 'Ghost' Character Sequences to Bypass Input Filters Using Leading 'Ghost' Character Sequences to Bypass Input Filters CAPEC-6: Argument Injection Argument Injection CAPEC-7: Blind SQL Injection Blind SQL Injection CAPEC-8: Buffer Overflow in an API Call Buffer Overflow in an API Call CAPEC-9: Buffer Overflow in Local Command-Line Utilities Buffer Overflow in Local Command-Line Utilities CAPEC-10: Buffer Overflow via Environment Variables Buffer Overflow via Environment Variables CAPEC-13: Subverting Environment Variable Values Subverting Environment Variable Values CAPEC-14: Client-side Injection-induced Buffer Overflow Client-side Injection-induced Buffer Overflow CAPEC-24: Filter Failure through Buffer Overflow Filter Failure through Buffer Overflow CAPEC-28: Fuzzing Fuzzing CAPEC-34: HTTP Response Splitting HTTP Response Splitting CAPEC-42: MIME Conversion MIME Conversion CAPEC-43: Exploiting Multiple Input Interpretation Layers Exploiting Multiple Input Interpretation Layers CAPEC-45: Buffer Overflow via Symbolic Links Buffer Overflow via Symbolic Links CAPEC-46: Overflow Variables and Tags Overflow Variables and Tags CAPEC-47: Buffer Overflow via Parameter Expansion Buffer Overflow via Parameter Expansion CAPEC-51: Poison Web Service Registry Poison Web Service Registry CAPEC-52: Embedding NULL Bytes Embedding NULL Bytes CAPEC-53: Postfix, Null Terminate, and Backslash Postfix, Null Terminate, and Backslash CAPEC-64: Using Slashes and URL Encoding Combined to Bypass Validation Logic Using Slashes and URL Encoding Combined to Bypass Validation Logic CAPEC-67: String Format Overflow in syslog() String Format Overflow in syslog() CAPEC-71: Using Unicode Encoding to Bypass Validation Logic Using Unicode Encoding to Bypass Validation Logic CAPEC-72: URL Encoding URL Encoding CAPEC-76: Manipulating Web Input to File System Calls Manipulating Web Input to File System Calls CAPEC-78: Using Escaped Slashes in Alternate Encoding Using Escaped Slashes in Alternate Encoding CAPEC-79: Using Slashes in Alternate Encoding Using Slashes in Alternate Encoding CAPEC-80: Using UTF-8 Encoding to Bypass Validation Logic Using UTF-8 Encoding to Bypass Validation Logic CAPEC-83: XPath Injection XPath Injection CAPEC-84: XQuery Injection XQuery Injection CAPEC-101: Server Side Include (SSI) Injection Server Side Include (SSI) Injection CAPEC-105: HTTP Request Splitting HTTP Request Splitting CAPEC-108: Command Line Execution through SQL Injection Command Line Execution through SQL Injection CAPEC-120: Double Encoding Double Encoding CAPEC-135: Format String Injection Format String Injection CAPEC-250: XML Injection XML Injection CAPEC-267: Leverage Alternate Encoding Leverage Alternate Encoding CAPEC-273: HTTP Response Smuggling HTTP Response Smuggling
Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

0.08 }} 0.01%

score

0.31946

percentile

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: