A vulnerability (CVE-2022-45163) has been identified on select devices when configured in Serial Download Protocol (SDP) mode. In the security-enabled configuration, memory contents could potentially leak via the respective SDP port in cold and warm boot attacks. The recommended mitigation is to completely disable the SDP mode by programming an eFUSE.
NXP Device Family |
Impacted Silicon Revisions |
i.MX RT101x |
All |
i.MX RT102x |
All |
i.MX RT105x/6x |
All |
i.MX 6 Family |
All |
i.MX 7Dual/Solo |
All |
i.MX 7ULP |
All |
i.MX 8M Quad |
All |
i.MX 8M Mini |
All |
Vybrid (VFxxx) |
All |
Acknowledgment
_________________________________________________________________________
Please note this information is preliminary and subject to change. To the best of NXP's knowledge, the information contained herein is accurate and reliable as of the date of publication; however, NXP does not assume any liability for the accuracy and completeness of the information.