CVE-2023-51712
- EPSS 0.04%
- Published 05.09.2024 16:15:06
- Last modified 25.03.2025 17:15:44
An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function.
CVE-2023-40271
- EPSS 0.15%
- Published 08.09.2023 02:15:08
- Last modified 27.11.2024 20:03:20
In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is use...
CVE-2021-43619
- EPSS 0.17%
- Published 01.03.2022 05:15:07
- Last modified 27.11.2024 20:03:20
Trusted Firmware M 1.4.x through 1.4.1 has a buffer overflow issue in the Firmware Update partition. In the IPC model, a psa_fwu_write caller from SPE or NSPE can overwrite stack memory locations.
CVE-2021-27562
- EPSS 72.2%
- Published 25.05.2021 19:15:07
- Last modified 14.03.2025 16:22:57
In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode.