Trustedfirmware Trusted Firmware-m — known CVE vulnerabilities
Every CVE whose affected-product data names Trustedfirmware Trusted Firmware-m, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2021-43619 — CVSS 7.8 (high): Trusted Firmware M 1.4.x through 1.4.1 has a buffer overflow issue in the Firmware Update partition. In the IPC model, a psa_fwu_write…
CVE-2021-32032 — CVSS 7.5 (high): In Trusted Firmware-M through 1.3.0, cleaning up the memory allocated for a multi-part cryptographic operation (in the event of a failure)…
CVE-2023-40271 — CVSS 7.5 (high): In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software…
CVE-2021-40327 — CVSS 5.9 (medium): Trusted Firmware-M (TF-M) 1.4.0, when Profile Small is used, has incorrect access control. NSPE can access a secure key (held by the Crypto…
CVE-2023-51712 — CVSS 4.7 (medium): An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to…