High severity7.1NVD Advisory· Published Dec 7, 2021· Updated Jun 5, 2026

CVE-2021-36133

Description

The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access configuration for several models, resulting in TrustZone bypass because the NonSecure World can perform arbitrary memory read/write operations on Secure World memory. This involves a DMA capable peripheral.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Arm/Op Tee
cpe:2.3:o:trustedfirmware:op-tee:-:*:*:*:*:*:*:*
NXP/i.MX SoC driverdescription
Nxp/i.MX SoCllm-create
OPTEE/OPTEE-OSllm-create

Patches

Vulnerability mechanics

References

github.com/f-secure-foundry/advisories/blob/master/Security_Advisory-Ref_FSC-HWSEC-VR2021-0001-OP-TEE_TrustZone_bypass.txtnvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.461
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000