Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 20/09/2017 Updated: 03/10/2017

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1

VMScore: 454

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

The BL1 FWU SMC handling code in ARM Trusted Firmware prior to 1.4 might allow malicious users to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image, which triggers an integer overflow.

Vulnerable Product	Search on Vulmon	Subscribe to Product
arm arm-trusted-firmware

CWE-190 https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-4 https://github.com/ARM-software/arm-trusted-firmware/blob/v1.4/docs/change-log.rst#new-features https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-9607

Vulnerability Summary

References

Vulmon Search

About

Products

Connect