How severe is CVE-2022-45163?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.6 out of 10.

What type of vulnerability is CVE-2022-45163?

This is classified as CWE-203, which is a common weakness in software security.

CVE-2022-45163

MEDIUM Year: 2022

CVSS v3 Score

4.6

Medium

Weakness Type

CWE-203

View all →

Vulnerability Description

An information-disclosure vulnerability exists on select NXP devices when configured in Serial Download Protocol (SDP) mode: i.MX RT 1010, i.MX RT 1015, i.MX RT 1020, i.MX RT 1050, i.MX RT 1060, i.MX 6 Family, i.MX 7Dual/Solo, i.MX 7ULP, i.MX 8M Quad, i.MX 8M Mini, and Vybrid. In a device security-enabled configuration, memory contents could potentially leak to physically proximate attackers via the respective SDP port in cold and warm boot attacks. (The recommended mitigation is to completely disable the SDP mode by programming a one-time programmable eFUSE. Customers can contact NXP for additional information.)

CVE-2019-14358

MEDIUM

CVSS:4.6(Medium)

On Archos Safe-T devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partial...

CWE-2032019

CVE-2019-14360

MEDIUM

CVSS:4.6(Medium)

On Hyundai Pay Kasse HK-1000 devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowi...

CWE-2032019

CVE-2019-18673

MEDIUM

CVSS:4.6(Medium)

On SHIFT BitBox02 devices, a side channel for the row-based OLED display was found. The power consumption of each row-based display cycle depends on the number of illuminated pixels, allowing a partia...

CWE-2032019

CVE-2018-0495

MEDIUM

CVSS:4.7(Medium)

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_e...

CWE-2032018

CVE-2018-16868

MEDIUM

CVSS:4.7(Medium)

A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same ph...

CWE-2032018

CVE-2018-16869

MEDIUM

CVSS:4.7(Medium)

A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run a process on the ...

CWE-2032018

CVE-2022-45163

Vulnerability Description

Related Vulnerabilities

CVE-2019-14358

CVE-2019-14360

CVE-2019-18673

CVE-2018-0495

CVE-2018-16868

CVE-2018-16869