CVE-2020-27211 : Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protectio

Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against physical side channels. The flash read-out protection (APPROTECT) can be bypassed by injecting a fault during the boot phase.

Published 2021-05-21 13:15:08

Updated 2022-05-03 16:04:40

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2020-27211

Nordicsemi » Nrf52840 Firmware
Versions up to, including, (<=) 2020-10-19
cpe:2.3:o:nordicsemi:nrf52840_firmware:*:*:*:*:*:*:*:*
Matching versions
When used together with: Nordicsemi » Nrf52840 » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2020-27211

EPSS FAQ

0.08%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 20 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-27211

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
3.3	LOW	AV:L/AC:M/Au:N/C:P/I:P/A:N	3.4	4.9	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None
5.7	MEDIUM	CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N	0.5	5.2	NIST
Attack Vector: Physical Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: None

CWE ids for CVE-2020-27211

CWE-203 Observable Discrepancy

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2020-27211

https://www.aisec.fraunhofer.de/en/FirmwareProtection.html

Shedding too much Light on a Microcontroller’s Firmware Protection - Fraunhofer AISEC
Third Party Advisory

CVEs referencing this url
https://eprint.iacr.org/2021/640

Cryptology ePrint Archive: Report 2021/640 - Security and Trust in Open Source Security Tokens
Third Party Advisory

CVEs referencing this url
https://www.aisec.fraunhofer.de/de/das-institut/wissenschaftliche-exzellenz/security-and-trust-in-open-source-security-tokens.html

Security and Trust in Open Source Security Tokens - Fraunhofer AISEC
Third Party Advisory

CVEs referencing this url
https://limitedresults.com/2020/06/nrf52-debug-resurrection-approtect-bypass/

nRF52 Debug Resurrection (APPROTECT Bypass) Part 1 - LimitedResults
Third Party Advisory
https://infocenter.nordicsemi.com/pdf/in_133_v1.0.pdf

Third Party Advisory

Jump to

Vulnerability Details : CVE-2020-27211

Products affected by CVE-2020-27211

Exploit prediction scoring system (EPSS) score for CVE-2020-27211

CVSS scores for CVE-2020-27211

CWE ids for CVE-2020-27211

References for CVE-2020-27211