CVE-2021-27562: Arm Trusted Firmware Out-of-Bounds Write Vulnerability. Arm
Arm Trusted Firmware Out-of-Bounds Write Vulnerability. Arm Trusted Firmware contains an out-of-bounds write vulnerability allowing the non-secure (NS) world to trigger a system halt, overwrite secure data, or print out secure data when calling secure functions under the non-secure processing environment (NSPE) handler mode. This vulnerability affects Yealink Device Management servers.
- CISA KEV-listed (remediation due 2021-11-17)
- EPSS 10.9% (93.5% percentile)