Arm Trusted Firmware Out-of-Bounds Write Vulnerability (CVE-2021-27562)
Arm Trusted Firmware contains an out-of-bounds write vulnerability allowing the non-secure (NS) world to trigger a system halt, overwrite secure data, or print out secure data when calling secure functions under the non-secure processing environment (NSPE) handler mode. This vulnerability affects Yealink Device Management servers.
A local attacker, with a low-privilege account, can achieve partial data exposure, complete denial of service or system unavailability. Federal agencies are required to remediate by 2021-11-17 under CISA BOD 22-01.
This is a Out-of-bounds Write (CWE-787) vulnerability in Arm Trusted Firmware. In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode. Exploitation requires local access, low attack complexity, a low-privilege authenticated account, and no user interaction required.
Probably yes if any of these apply:
CISA added this CVE to the Known Exploited Vulnerabilities catalog on 2021-11-03 based on evidence of active exploitation in the wild. Federal agencies required to remediate by 2021-11-17.
Manual remediation steps
No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.