2025-10-02 7:44 AM
Hello,
I am working with an STM32U585I-IOT02A development board and using STM32CubeProgrammer.
I changed the RDP level to DC and set a password. After that, I am unable to get back to RDP level AA.
I tried entering the correct password, but the unlock option does not disable the protection.
I also attempted the "unlock RDP1 level" process, but it does not seem to work.
Currently, I am unable to flash any code onto the device.
Is there any way to recover the board back to RDP AA level and make it programmable again?
What is the correct procedure to unlock the RDP DC level after a password has been set?
Thanks in advance.
Solved! Go to Solution.
2025-10-16 2:42 AM
Hello,
The command showing “unlock successful” actually means the script finished executing; it assumes the user correctly remembers the password used. I understand this can be confusing, so I have escalated the issue to the relevant team for resolution. It is being tracked internally under ticket number 219784.
Since you have tried all remembered passwords without success, unfortunately, unless you recall the exact password used to lock and unlock RDP1, you will not be able to use the board.
Best regards,
2025-10-03 5:16 AM
Hello @shivss, and welcome to ST Community!
Have you tried following the Knowledge Base article? The same process for regression from level 2 to level 0 can be applied to regression from level 1 to level 0.
Best regards,
2025-10-03 9:18 PM
Yes, I have already tried following that Knowledge Base article and applied the same procedure, but unfortunately it did not work in my case. The device is still locked and I cannot regress back to RDP AA.
I also tried using STM32CubeProgrammer in terminal/CLI mode. Below are the logs from the attempt:
2025-10-06 5:35 AM
Hello @shivss,
I tried reproducing the issue but could not. Here are the steps I tried in STM32CubeProgrammer CLI. Please follow the same steps. If you were not successful in performing RDP regression, try redoing it after booting from Root Security Service (RSS) mode, following the steps detailed in AN5347.
Best regards,
2025-10-11 10:37 PM
Hi @STackPointer64 ,
Thanks for the information. The note mentions that a small rework must be done on the Discovery kit (STM32L562E-DK or B-U585I-IOT02A) to boot from RSS, referring to documents [7] or [8]. However, I couldn’t find any details about this rework in the board user manual (UM2839).
Could you please clarify what specific rework is required or point me to the exact section/document that describes the hardware modification needed to enable RSS boot on the Discovery kit?
Best regards,
2025-10-13 6:16 AM
Hello @shivss,
The rework mentioned involves setting PH3 (BOOT0) to high. In the case of STM32U585I, there is a small switch just above the reset button that you can use to toggle it.
Best regards,
2025-10-13 10:19 PM
I set PH3 (BOOT0) to high using the switch above the reset button and confirmed the change. I then tried again, but I’m still getting the same result — it’s not unlocking.
2025-10-14 4:06 AM
Hello @shivss,
Are you sure you followed all the steps in AN5347, section 9.1.2? After confirming the changes mentioned, did you remove the IDD jumper (the jumper right above SW1) and put it back to exit from intrusion before performing the regression?
Best regards,
2025-10-14 10:17 PM
Yes, I followed the steps as described. Here’s the flow of my testing:
Powered the board and tested all commands (as before).
Powered off the board.
Set the BOOT0 (PH3) pin to high.
Removed the IDD jumper and then placed it back.
Powered the board again.
Retested all the commands — but the result was still the same, it’s not unlocking.
2025-10-15 7:38 AM
Hello @shivss,
After thorough retesting and finally reproducing your use case, it appears you are using the wrong OEM1 key to unlock RDP1. Although the command output shows that you successfully unlocked RDP1, you did not. I suggest opening STM32CubeProgrammer, connecting to the board, going to Secure Programming, and trying to recall the passwords you used to lock RDP1 and retrying. Unfortunately, that is the only possible solution.
Best regards,