Vulnerability Details : CVE-2020-12789
The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets.
Products affected by CVE-2020-12789
- cpe:2.3:o:microchip:atsama5d21c-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d21c-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d22c-cn_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d22c-cnr_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d22c-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d22c-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d23c-cn_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d23c-cnr_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d23c-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d23c-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d24c-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d24c-cuf_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d24c-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d26c-cn_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d26c-cnr_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d26c-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d26c-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27c-cn_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27c-cnr_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27c-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27c-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d28c-cn_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d28c-cnr_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d28c-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d28c-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27c-cnvao_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27c-cnrvao_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d225c-d1m-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27c-d5m-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27c-d5m-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27c-d1g-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27c-d1g-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d28c-d1g-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d28c-d1g-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27c-ld1g-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27c-ld1g-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27c-ld2g-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27c-ld2g-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d28c-ld1g-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d28c-ld1g-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d28c-ld2g-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d28c-ld2g-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27-wlsom1_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d27-som1_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d31a-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d31a-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d31a-cfu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d31a-cfur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d33a-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d33a-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d34a-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d34a-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d35a-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d35a-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d35a-cn_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d35a-cnr_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d36a-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d36a-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d36a-cn_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d36a-cnr_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d41a-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d41a-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d41b-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d41b-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d42a-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d42a-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d42b-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d42b-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d43a-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d43a-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d43b-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d43b-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d44a-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d44a-cur_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d44b-cu_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:microchip:atsama5d44b-cur_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-12789
0.14%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 50 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-12789
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
8.6
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2020-12789
-
The product contains hard-coded credentials, such as a password or cryptographic key.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-12789
-
https://labs.f-secure.com/advisories/microchip-atsama5-soc-multiple-vulnerabilities/
Microchip ATSAMA5 SoC Multiple VulnerabilitiesThird Party Advisory
Jump to