5.1
CVSSv2

CVE-2017-9607

Published: 20/09/2017 Updated: 03/10/2017
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1
VMScore: 454
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Vulnerability Summary

The BL1 FWU SMC handling code in ARM Trusted Firmware prior to 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image, which triggers an integer overflow.

Affected Products

Vendor Product Versions
ArmArm-trusted-firmware1.3