For this presentation, we reverse-engineered and analysed the bootloaders of three widely used microcontrollers (NXP LPC1343, ST STM32F4, and ST STM8) in order to assess if the readout protection can be overcome with software-based attacks.

Our analysis shows that the bootloader of the LPC1343 (and other chips from the same family) contains a critical vulnerability in the "Write to RAM" command.

By Qais Temeiza and David Oswald

Full Abstract & Presentation Materials: https://www.blackhat.com/eu-19/briefi...