This is likely because in many cases, ST will sell microcontrollers with more flash than advertised. For example, the STM32F103C8 on the popular "bluepill" dev board is advertised as having 64 KB of flash. It actually has 128 KB of flash because it's the same chip as the STM32F103CB (this simplifies manufacturing because they can use the same die for both), it's just that ST never tested the second half of flash. In most cases you can use the second half of flash and it'll work just fine, but obviously it's not something you'd want to rely on for a commercial product.
MrBuddyCasino•23m ago
"STM32 Read-Out Protection (RDP) secures flash memory through three levels (0, 1, 2) configured via option bytes. Level 0 allows full access (default). Level 1 restricts debugging and flash access, allowing regression to Level 0 by erasing flash. Level 2 permanently locks the device, disabling debug features, and cannot be reverted."
I actually have a half-defective device with an STM32 MCU that I would like to dump. Its a noise machine with a flash card containing the sounds, but the content is encrypted. I'd like to get at the decryption key to salvage it.
Has Level 2 been cracked?