CVE-2020-11684

9.1 CRITICAL

📋 TL;DR

CVE-2020-11684 is a memory disclosure vulnerability in AT91bootstrap, which fails to properly clear encryption and authentication keys from memory before transferring control to less privileged software. An attacker who can read that memory can extract the cryptographic keys and then compromise the boot process by encrypting and signing subsequent boot stages. Affected systems include devices using Microchip AT91 processors with vulnerable AT91bootstrap versions.

💻 Affected Systems

Products:
  • Microchip AT91 processors
  • AT91bootstrap
Versions: All versions before 3.9.2
Operating Systems: Embedded Linux systems using AT91 processors
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems using AT91bootstrap for secure boot initialization on Microchip AT91 platforms.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the boot chain, allowing attackers to install persistent malware, bypass secure boot mechanisms, and gain full control over the device.

🟠 Likely Case

Extraction of cryptographic keys leading to compromised device integrity, potential firmware modification, and unauthorized access to protected data.

🟢 If Mitigated

Limited impact if proper secure boot and memory protection mechanisms are in place, though key exposure remains a concern.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires physical access or privileged access to the device to read memory contents.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.9.2 and later

Vendor Advisory: https://github.com/linux4sam/at91bootstrap/commit/45419497309ffbf27c17ea7938499aca99168927

Restart Required: Yes

Instructions:

1. Update AT91bootstrap to version 3.9.2 or later.
2. Rebuild and flash the updated bootstrap to affected devices.
3. Verify secure boot chain integrity.

🔧 Temporary Workarounds

Memory Protection Configuration

all

Configure memory protection units (MPUs) to restrict access to sensitive memory regions containing cryptographic keys.

Configure MPU settings in bootloader configuration

🧯 If You Can't Patch

  • Implement strict physical security controls to prevent unauthorized device access.
  • Use hardware security modules (HSMs) or trusted platform modules (TPMs) for key storage and management.

🔍 How to Verify

Check if Vulnerable:

Check AT91bootstrap version: if version < 3.9.2, system is vulnerable.

Check Version:

Check bootloader version during boot sequence or via device firmware interface.

Verify Fix Applied:

Verify AT91bootstrap version is 3.9.2 or later and confirm memory wiping routines are implemented.
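
When reviewing a bootloader for the memory wiping mentioned above, the pattern to look for is a wipe of all key material immediately before the jump to the next stage, written so the compiler cannot remove it. The following is an added illustration, not AT91bootstrap code and not the upstream fix; the `boot_keys` layout, the function names and the key bytes are hypothetical and constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical layout of bootloader key material (constructed for this example). */
struct boot_keys {
    uint8_t cipher_key[32];
    uint8_t cmac_key[16];
    uint8_t iv[16];
};

/* Stands in for the RAM the bootloader leaves behind at handoff. */
static struct boot_keys g_keys;

/* Wipe through a volatile pointer so the stores are not discarded as
 * dead writes to memory this stage never reads again. */
static void secure_wipe(void *buf, size_t len)
{
    volatile uint8_t *p = (volatile uint8_t *)buf;
    while (len--)
        *p++ = 0;
}

/* Load constructed sample keys, as a bootloader would before decrypting
 * and authenticating the next image. */
static void load_keys(void)
{
    memset(g_keys.cipher_key, 0xA5, sizeof g_keys.cipher_key);
    memset(g_keys.cmac_key, 0x5A, sizeof g_keys.cmac_key);
    memset(g_keys.iv, 0x3C, sizeof g_keys.iv);
}

/* What the next stage could observe: non-zero bytes left in the key region. */
static size_t residual_key_bytes(void)
{
    const uint8_t *p = (const uint8_t *)&g_keys;
    size_t n = 0;
    for (size_t i = 0; i < sizeof g_keys; i++)
        n += (p[i] != 0);
    return n;
}

/* Model of the handoff point: wipe = 0 is the vulnerable behaviour,
 * wipe = 1 the corrected one. Returns what remains readable afterwards. */
static size_t handoff(int wipe)
{
    load_keys();
    if (wipe)
        secure_wipe(&g_keys, sizeof g_keys);
    /* On real hardware the jump to the next stage follows here. */
    return residual_key_bytes();
}
```

A plain `memset` placed just before the jump is a common review finding, because an optimizing compiler may drop it; any copies of the keys held in stack buffers need the same wipe.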

📡 Detection & Monitoring

Log Indicators:

  • Unexpected memory access patterns
  • Boot process anomalies
  • Secure boot validation failures

Network Indicators:

  • None - this is a local memory disclosure vulnerability

SIEM Query:

Search for bootloader version strings indicating vulnerable AT91bootstrap versions.
