CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-9413

The transport_message_handler function in SCP-Firmware release versions 2.11.0-2.15.0 does not properly handle errors, potentially allowing an Application Processor (AP) to cause a buffer overflow in System Control Processor (SCP) firmware.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.5%

CVSS Severity

CVSS v3 Score 8.0

References

https://developer.arm.com/Arm%20Security%20Center/SCP-Firmware%20Vulnerability

Products affected by CVE-2024-9413

Arm » Scp Firmware » Version: 2.11.0

cpe:2.3:o:arm:scp_firmware:2.11.0
Arm » Scp Firmware » Version: 2.12.0

cpe:2.3:o:arm:scp_firmware:2.12.0
Arm » Scp Firmware » Version: 2.13.0

cpe:2.3:o:arm:scp_firmware:2.13.0
Arm » Scp Firmware » Version: 2.14.0

cpe:2.3:o:arm:scp_firmware:2.14.0
Arm » Scp Firmware » Version: 2.15.0

cpe:2.3:o:arm:scp_firmware:2.15.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-9413

Products

Pricing

Contact Us