2022-06-21 10:54 AM
Also, apparently CVE-2020-27212 means that you can bypass flash readout protection. Is that a correct reading of that CVE? Note that searching both the ST main site and the community site produce no hits for either CVE, and trying to determine the actual impact of either CVE from the NIST sites is difficult because they provide no detailed information.
2022-06-28 01:19 PM
The first link on the NIST site points you to the article "Security and Trust in Open Source Security Tokens" which describes the attac in great detail.
hth
KnarfB