Vulnerability Details CVE-2021-27433
ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function mbed_krbs, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.038
EPSS Ranking 87.5%
CVSS Severity
CVSS v3 Score 7.3
CVSS v2 Score 7.5
References
Products affected by CVE-2021-27433
-
cpe:2.3:a:arm:mbed_ualloc:1.3.0