cvedb.io
CVE-2017-7932
MEDIUM · CVSS 6
EPSS exploitation probability: 0%
Published 2017-08-07T08:29:00.307 · Last modified 2026-06-17T01:25:30.297

Summary

An improper certificate validation issue was discovered in NXP i.MX 28 i.MX 50, i.MX 53, i.MX 7Solo i.MX 7Dual Vybrid VF3xx, Vybrid VF5xx, Vybrid VF6xx, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, and i.MX 6QuadPlus. When the device is configured in security enabled configuration, under certain conditions it is possible to bypass the signature verification by using a specially crafted certificate leading to the execution of an unsigned image.

Affected products

nxp — vybrid_mvf30nn151cku26_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when nxp ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.