CVE-2022-0553: 
NixOS vulnerability analysis and mitigation

CVE-2022-0553 is a security vulnerability discovered in the Zephyr Real-Time Operating System (RTOS) affecting versions prior to 3.0. The vulnerability was disclosed on May 31, 2022, and relates to the USB DFU (Device Firmware Update) functionality. The issue allows unauthorized retrieval of unencrypted firmware images from slot 0 of the device, even when image encryption is enabled (Zephyr Advisory).

The vulnerability stems from a missing security check in the USB DFU implementation, specifically around the code responsible for uploading firmware from the device to the host. The issue is located in the subsys/usb/class/dfu/usb_dfu.c file. When encrypted images are used, the system fails to prevent the retrieval of unencrypted firmware from slot 0. The vulnerability has been assigned a CVSS v3.1 base score of 6.5 (Medium) with vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, indicating adjacent network access requirements but high confidentiality impact (Zephyr Advisory).

The vulnerability allows an attacker with physical access to the device to retrieve unencrypted firmware images from slot 0, even when image encryption is enabled. This could lead to unauthorized access to proprietary firmware code and potential exposure of sensitive information embedded in the firmware (Zephyr Advisory).

The issue has been fixed in Zephyr version 3.0 through pull request #42424. For systems that cannot be updated, developers are advised to avoid using USB DFU when encrypted images are required (Zephyr Advisory).