Known Vulnerabilities for products from St
Listed below are 20 of the newest known vulnerabilities associated with the vendor "St".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by St can be found at device.report : St
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-43393 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.2 - MEDIUM | 2022-03-04 | 2022-03-10 |
| CVE-2021-43392 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.2 - MEDIUM | 2022-03-04 | 2022-03-10 |
| CVE-2021-42553 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-10-21 | 2023-03-07 |
| CVE-2021-34268 | An issue in the USBH_ParseDevDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of s... | 4.6 - MEDIUM | 2021-07-22 | 2021-08-03 |
| CVE-2021-34267 | An in the USBH_MSC_InterfaceInit() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of se... | 4.6 - MEDIUM | 2021-07-22 | 2021-08-03 |
| CVE-2021-34262 | A buffer overflow vulnerability in the USBH_ParseEPDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and belo... | 6.8 - MEDIUM | 2021-07-22 | 2021-08-03 |
| CVE-2021-34261 | An issue in USBH_ParseCfgDesc() of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service due to... | 4.6 - MEDIUM | 2021-07-22 | 2021-08-03 |
| CVE-2021-34260 | A buffer overflow vulnerability in the USBH_ParseInterfaceDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 a... | 6.8 - MEDIUM | 2021-07-22 | 2021-08-02 |
| CVE-2021-34259 | A buffer overflow vulnerability in the USBH_ParseCfgDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and bel... | 6.8 - MEDIUM | 2021-07-22 | 2021-08-03 |
| CVE-2021-29414 | STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control. | 6.1 - MEDIUM | 2021-05-21 | 2021-06-08 |
| CVE-2020-27212 | STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can ... | 7 - HIGH | 2021-05-21 | 2021-06-08 |
| CVE-2020-20949 | Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library software expansion for STM32C... | 5.9 - MEDIUM | 2021-01-20 | 2021-07-21 |
| CVE-2020-13466 | STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch... | 6.8 - MEDIUM | 2020-08-31 | 2020-09-09 |
| CVE-2020-8004 | STMicroelectronics STM32F1 devices have Incorrect Access Control. | 7.5 - HIGH | 2020-04-06 | 2021-07-21 |
| CVE-2019-19192 | The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices does not properly... | 6.5 - MEDIUM | 2020-02-12 | 2020-02-26 |
| CVE-2019-16863 | STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-ch... | 5.9 - MEDIUM | 2019-11-14 | 2023-11-07 |
| CVE-2019-14238 | On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be ... | 6.6 - MEDIUM | 2019-09-24 | 2019-09-25 |
| CVE-2019-14236 | On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection ... | 9.8 - CRITICAL | 2019-09-12 | 2019-09-16 |
| CVE-2017-18347 | Incorrect access control in RDP Level 1 on STMicroelectronics STM32F0 series devices allows physically present attackers to e... | 4.6 - MEDIUM | 2018-09-12 | 2021-05-04 |
| CVE-2003-0392 | Directory traversal vulnerability in ST FTP Service 3.0 allows remote attackers to list arbitrary directories via a CD comman... | 6.4 - MEDIUM | 2003-07-02 | 2016-10-18 |
Known software with vulnerabilities from St
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | St | Accelerometerp11 | 2.0.10.22 |
| Application | St | Bluenrg-2 | - |
| Hardware | St | St33tphf2espi | - |
| Operating System | St | St33tphf2espi Firmware | 2019-09-12 |
| Hardware | St | St33tphf2espiqfn | - |
| Operating System | St | St33tphf2espiqfn Firmware | 2019-09-12 |
| Hardware | St | St33tphf2espir28 | - |
| Operating System | St | St33tphf2espir28 Firmware | 2019-09-12 |
| Application | St | Stm32cubef0 | - |
| Application | St | Stm32cubef1 | - |
| Application | St | Stm32cubef2 | - |
| Application | St | Stm32cubef3 | - |
| Application | St | Stm32cubef4 | - |
| Application | St | Stm32cubef7 | - |
| Application | St | Stm32cubeg0 | - |
| Application | St | Stm32cubeg4 | - |
| Application | St | Stm32cubeh7 | - |
| Application | St | Stm32cubeide | - |
| Application | St | Stm32cubel0 | - |
| Application | St | Stm32cubel1 | - |