Vulnerability Details CVE-2020-16273
In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure application if the stack is not initialized. This vulnerability affects only the software that is based on Armv8-M processors with the Security Extension.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.1%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
Products affected by CVE-2020-16273
-
cpe:2.3:h:arm:armv8-m:-
-
cpe:2.3:o:arm:armv8-m_firmware:-