Missing Protection Mechanism in STMicroelectronics SPC58 PowerPC Microcontrollers
CVE-2023-48010

Currently unrated

Key Information:

Vendor: STMicroelectronics
Status: SPC58 PowerPC Microcontrollers
Vendor: CVE Published:; 5 December 2024

🔔 Create STMicroelectronics Vulnerability Alert

What is CVE-2023-48010?

STMicroelectronics SPC58 PowerPC microcontrollers exhibit a vulnerability due to a missing protection mechanism that allows unauthorized access through the Alternate Hardware Interface. This issue enables code executed at the Supervisor level to disable the System Memory Protection Unit, leading to unrestricted read and write access to sensitive system memory resources. This poses a significant risk to the integrity and confidentiality of data within automotive systems.

References

https://www.st.com/resource/en/reference_manual/rm0452-sp...

https://plaxidityx.com/blog/blog-post/is-your-memory-prot...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 5, 2024
Vulnerability Reserved
Nov 13, 2023