Home/CVEs/CVE-2021-27562/

CVE-2021-27562 - Arm Trusted Firmware Out-of-Bounds Write Vulnerability

Project:Arm

Product:Trusted Firmware

Date Added:2021-11-03Due Date:2021-11-17

Vulnerability Name

Arm Trusted Firmware Out-of-Bounds Write Vulnerability

Description

Arm Trusted Firmware contains an out-of-bounds write vulnerability allowing the non-secure (NS) world to trigger a system halt, overwrite secure data, or print out secure data when calling secure functions under the non-secure processing environment (NSPE) handler mode. This vulnerability affects Yealink Device Management servers.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://nvd.nist.gov/vuln/detail/CVE-2021-27562