Known Vulnerabilities for products from Nxp
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Nxp".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Nxp can be found at device.report : Nxp
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-39902 json | A software vulnerability has been identified in the U-Boot Secondary Program Loader (SPL) before 2023.07 on select NXP i.MX 8... | 7.8 - HIGH | 2023-10-17 | 2023-10-24 |
| CVE-2022-45163 json | An information-disclosure vulnerability exists on select NXP devices when configured in Serial Download Protocol (SDP) mode: ... | 4.6 - MEDIUM | 2022-11-18 | 2022-11-28 |
| CVE-2022-22819 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2022-03-23 | 2022-04-15 |
| CVE-2021-44479 json | NXP Kinetis K82 devices have a buffer over-read via a crafted wlength value in a GET Status-Other request during use of USB I... | 5.5 - MEDIUM | 2021-12-01 | 2021-12-16 |
| CVE-2021-44149 json | An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. The OPTEE-OS CSU driver for NXP i.MX6UL SoC dev... | 7.8 - HIGH | 2021-12-07 | 2022-07-12 |
| CVE-2021-40154 json | NXP LPC55S69 devices before A3 have a buffer over-read via a crafted wlength value in a GET Descriptor Configuration request ... | 5.5 - MEDIUM | 2021-12-01 | 2021-12-06 |
| CVE-2021-38260 json | NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostParseDeviceConfigurationDescrip... | 7.8 - HIGH | 2021-10-25 | 2021-10-28 |
| CVE-2021-38258 json | NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer overflow in the function USB_HostProcessCallback(). | 7.8 - HIGH | 2021-10-25 | 2021-10-28 |
| CVE-2021-36133 json | The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZo... | 7.1 - HIGH | 2021-12-07 | 2021-12-09 |
| CVE-2021-33881 json | On NXP MIFARE Ultralight and NTAG cards, an attacker can interrupt a write operation (aka conduct a "tear off" attack) over R... | 4.2 - MEDIUM | 2021-06-06 | 2021-06-17 |
| CVE-2021-31532 json | NXP LPC55S6x microcontrollers (0A and 1B), i.MX RT500 (silicon rev B1 and B2), i.MX RT600 (silicon rev A0, B0), LPC55S6x, LPC... | 6.8 - MEDIUM | 2021-05-06 | 2022-07-12 |
| CVE-2021-27421 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-05-03 | 2022-05-12 |
| CVE-2021-22680 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-05-03 | 2022-05-11 |
| CVE-2021-3011 json | An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authe... | 4.2 - MEDIUM | 2021-01-07 | 2023-07-20 |
| CVE-2019-17519 json | The Bluetooth Low Energy implementation on NXP SDK through 2.2.1 for KW41Z devices does not properly restrict the Link Layer ... | 8.8 - HIGH | 2020-02-12 | 2022-11-02 |
| CVE-2019-17060 json | The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z (based on the MCUXpresso SDK with Bluetooth Low Energy D... | 6.5 - MEDIUM | 2020-02-10 | 2022-11-02 |
| CVE-2019-14239 json | On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for ... | 6.6 - MEDIUM | 2019-09-24 | 2019-09-25 |
| CVE-2019-14237 json | On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for ... | 9.8 - CRITICAL | 2019-09-12 | 2019-09-16 |
| CVE-2017-7936 json | A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX ... | 6.3 - MEDIUM | 2017-08-07 | 2019-10-09 |
| CVE-2017-7932 json | An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, ... | 6 - MEDIUM | 2017-08-07 | 2019-10-09 |
Known software with vulnerabilities from Nxp
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Nxp | I.mx 8m Mini | - |
| Hardware | Nxp | I.mx 8m Nano | - |
| Hardware | Nxp | I.mx 8m Plus | - |
| Hardware | Nxp | I.mx 8ulp-cs | - |
| Hardware | Nxp | I.mx 8x | - |
| Hardware | Nxp | I.mx Rt1010 | - |
| Hardware | Nxp | I.mx Rt1015 | - |
| Hardware | Nxp | I.mx Rt1020 | - |
| Hardware | Nxp | I.mx Rt1024 | - |
| Hardware | Nxp | I.mx Rt1050 | - |
| Hardware | Nxp | I.mx Rt1060 | - |
| Hardware | Nxp | I.mx Rt1064 | - |
| Hardware | Nxp | I.mx Rt1170 | - |
| Hardware | Nxp | I.mx Rt500 | - |
| Hardware | Nxp | I.mx Rt600 | - |
| Hardware | Nxp | J2a081 | - |
| Hardware | Nxp | J2d081 M59 | - |
| Hardware | Nxp | J2d081 M61 | - |
| Hardware | Nxp | J2d082 M60 | - |
| Hardware | Nxp | J2d120 M60 | - |