Invasive Debug Interface Flaw in ARM Trusted Firmware
CVE-2017-7564

7.5HIGH

Key Information:

Vendor: Arm
Status: Arm Trusted Firmware
Vendor: CVE Published:; 7 June 2017

Summary

A vulnerability exists in the invasive debug interface of ARM Trusted Firmware, potentially allowing attackers in the normal world to exploit debug exceptions and registers. This can lead to secure world panics, thereby causing a denial of service. Users should ensure they are updated to maintain system integrity.

References

https://github.com/ARM-software/arm-trusted-firmware/wiki...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 7, 2017
Vulnerability Reserved
Apr 6, 2017