📦

arm_trusted_firmware

Vendor: arm

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 34 Total Indexed

Avg. EPSS 0.41% Exploit Prob.

Latest CVE CVE-2017-7564 Jun 07

Security Vulnerability Index

Page 1 / 4

7.5 CVSS

CVE-2017-7564

In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service (secure world panic) via vectors involving debug exceptions and debug registers.

EPSS: 0.46%

Severity: HIGH

Jun 07, 2017

8.1 CVSS

CVE-2017-7563

In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing attackers to bypass the MT_EXECUTE_NEVER protection mechanism. This issue occurs because of inconsistency in the number of execute-never bits (one bit versus two bits).

EPSS: 0.34%

Severity: HIGH

Jun 07, 2017

5.9 CVSS

CVE-2016-10319

In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC can result in copying unexpectedly large data into secure memory because of integer overflows. This affects certain cases involving execution of both AArch64 Generic Trusted Firmware (TF) BL1 code and other firmware update code.

EPSS: 0.44%

Severity: MEDIUM

Apr 06, 2017

Displaying 3 of 34 Total Entries

1 2 3 4

Total 4 Sections