VYPR

Arm Trusted Firmware

by Arm

CVEs (15)

  • CVE-2025-48507 | High | Nov 23, 2025
    risk 0.56 | cvss not listed | epss 0.00

    The security state of the processor calling into Trusted Firmware (TF-A) is not used, which could allow non-secure processors to access secure memories, to use crypto operations, and to turn subsystems within the SoC on and off.

  • CVE-2017-7563 | High | Jun 7, 2017
    risk 0.53 | cvss 8.1 | epss 0.01

    In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing attackers to bypass the MT_EXECUTE_NEVER protection mechanism. This issue occurs because of inconsistency in the number of execute-never bits (one bit versus two bits).

  • CVE-2017-15031 | High | Dec 18, 2018
    risk 0.49 | cvss 7.5 | epss 0.02

    In all versions of ARM Trusted Firmware up to and including v1.4, not initializing or saving/restoring the PMCR_EL0 register can leak secure world timing information.

  • CVE-2017-7564 | High | Jun 7, 2017
    risk 0.49 | cvss 7.5 | epss 0.01

    In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service (secure world panic) via vectors involving debug exceptions and debug registers.

  • CVE-2022-47630 | High | Jan 16, 2023
    risk 0.48 | cvss 7.4 | epss 0.01

    Trusted Firmware-A through 2.8 has an out-of-bounds read in the X.509 parser for parsing boot certificates. This affects downstream use of get_ext and auth_nvctr. Attackers might be able to trigger dangerous read side effects or obtain sensitive information about…

  • CVE-2017-9607 | High | Sep 20, 2017
    risk 0.46 | cvss 7.0 | epss 0.01

    The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image,…

  • CVE-2021-27562 | Medium | KEV | May 25, 2021
    risk 0.42 | cvss 5.5 | epss 0.03

    In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode.

  • CVE-2021-40327 | Medium | Jan 13, 2022
    risk 0.38 | cvss 5.9 | epss 0.01

    Trusted Firmware-M (TF-M) 1.4.0, when Profile Small is used, has incorrect access control. NSPE can access a secure key (held by the Crypto service) based solely on knowledge of its key ID. For example, there is no authorization check associated with the relationship between a…

  • CVE-2016-10319 | Medium | Apr 6, 2017
    risk 0.38 | cvss 5.9 | epss 0.02

    In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC can result in copying unexpectedly large data into secure memory because of integer overflows. This affects certain cases involving execution of both AArch64 Generic Trusted Firmware (TF) BL1 code and other…

  • CVE-2018-19440 | Medium | Jan 30, 2019
    risk 0.35 | cvss 5.3 | epss 0.01

    ARM Trusted Firmware-A allows information disclosure.

  • CVE-2023-31339 | Medium | Aug 13, 2024
    risk 0.31 | cvss 4.8 | epss 0.00

    Improper input validation in ARM® Trusted Firmware used in AMD's Zynq™ UltraScale+™ MPSoC/RFSoC may allow a privileged attacker to perform out-of-bounds reads, potentially resulting in data leakage and denial of service.

  • CVE-2023-49100 | Medium | Feb 21, 2024
    risk 0.22 | cvss 4.4 | epss 0.00

    Trusted Firmware-A (TF-A) before 2.10 has a potential read out-of-bounds in the SDEI service. The input parameter passed in register x1 is not validated well enough in the function sdei_interrupt_bind. The parameter is passed to a call to plat_ic_get_interrupt_type. It can be…

  • CVE-2024-6563 | Jul 8, 2024
    risk 0.00 | cvss not listed | epss 0.00

    Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. This vulnerability is associated with program files https://github.Com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drive…

  • CVE-2024-6287 | Jun 24, 2024
    risk 0.00 | cvss not listed | epss 0.00

    Incorrect Calculation vulnerability in Renesas arm-trusted-firmware allows Local Execution of Code. When checking whether a new image invades/overlaps with a previously loaded image, the code neglects to consider a few cases, which could allow an attacker to bypass memory range…

  • CVE-2024-6285 | Jun 24, 2024
    risk 0.00 | cvss not listed | epss 0.00

    Integer Underflow (Wrap or Wraparound) vulnerability in Renesas arm-trusted-firmware. An integer underflow in image range check calculations could lead to bypassing address restrictions and loading of images to unallowed addresses.