COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2021-27562

CVE-2021-27562

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2021-11-03
Reference
https://nvd.nist.gov/vuln/detail/CVE-2021-27562
⌖ exploited in the wild shame 50/100 exploited-in-wild

Arm Trusted Firmware contains an out-of-bounds write vulnerability allowing the non-secure (NS) world to trigger a system halt, overwrite secure data, or print out secure data when calling secure functions under the non-secure processing environment (NSPE) handler mode. This vuln

Players implicated

Arm · vendorTrusted Firmware · product

Description

Arm Trusted Firmware contains an out-of-bounds write vulnerability allowing the non-secure (NS) world to trigger a system halt, overwrite secure data, or print out secure data when calling secure functions under the non-secure processing environment (NSPE) handler mode. This vulnerability affects Yealink Device Management servers.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.