Every CVE whose affected-product data names Arm Scp Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2024-9413 — CVSS 8.0 (high): The transport_message_handler function in SCP-Firmware release versions 2.11.0-2.15.0 does not properly handle errors, potentially allowing…
CVE-2024-11864 — CVSS 7.5 (high): Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage…
CVE-2024-11863 — CVSS 5.3 (medium): Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage…