Arm: >> Trusted Firmware-M >> 1.4.1 Security Vulnerabilities
An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function.
CVSS Score
4.7
EPSS Score
0.0
Published
2024-09-05
Trusted Firmware M 1.4.x through 1.4.1 has a buffer overflow issue in the Firmware Update partition. In the IPC model, a psa_fwu_write caller from SPE or NSPE can overwrite stack memory locations.
CVSS Score
7.8
EPSS Score
0.002
Published
2022-03-01