CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Linaro: >> Op-Tee >> 3.14.0 Security Vulnerabilities

CVE-2022-47549

An unprotected memory-access operation in optee_os in TrustedFirmware Open Portable Trusted Execution Environment (OP-TEE) before 3.20 allows a physically proximate adversary to bypass signature verification and install malicious trusted applications via electromagnetic fault injections.

CVSS Score

6.4

EPSS Score

0.0

Published

2022-12-19

CVE-2021-44149

An issue was discovered in Trusted Firmware OP-TEE Trusted OS through 3.15.0. The OPTEE-OS CSU driver for NXP i.MX6UL SoC devices lacks security access configuration for wakeup-related registers, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a v cycle.

CVSS Score

7.8

EPSS Score

0.001

Published

2021-12-07

Page 1

Vulnerabilities

Vulnerable Software

Linaro: >> Op-Tee >> 3.14.0 Security Vulnerabilities

Products

Pricing

Contact Us