CVE-2021-27562 - Arm Trusted Firmware Out-of-Bounds Write Vulnerability
Project:Arm
Product:Trusted Firmware
Date Added:2021-11-03Due Date:2021-11-17
Vulnerability Name
Arm Trusted Firmware Out-of-Bounds Write Vulnerability
Description
Arm Trusted Firmware contains an out-of-bounds write vulnerability allowing the non-secure (NS) world to trigger a system halt, overwrite secure data, or print out secure data when calling secure functions under the non-secure processing environment (NSPE) handler mode. This vulnerability affects Yealink Device Management servers.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2021-27562