cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-40271,https://securityvulnerability.io/vulnerability/CVE-2023-40271,Buffer Comparison Flaw in Trusted Firmware-M's CryptoCell Integration,"An issue in Trusted Firmware-M, specifically in versions utilizing the CryptoCell accelerator with the ChaCha20-Poly1305 algorithm, allows a potential authentication compromise. The single-part verification function erroneously compares only the first 4 bytes of the authentication tag, instead of the full 16 bytes. This flaw could lead to unauthenticated payloads being mistakenly identified as authentic, posing significant risks in secure application deployments.",Arm,Trusted Firmware-m,7.5,HIGH,0.0009899999713525176,false,,false,false,false,,,false,false,,2023-09-08T02:15:00.000Z,0
CVE-2021-43619,https://securityvulnerability.io/vulnerability/CVE-2021-43619,Buffer Overflow Vulnerability in Trusted Firmware M by Arm,"The Trusted Firmware M versions 1.4.x to 1.4.1 are susceptible to a buffer overflow issue within the Firmware Update partition. This vulnerability occurs when a psa_fwu_write caller from either Secure Processing Environment (SPE) or Non-Secure Processing Environment (NSPE) is able to overwrite critical stack memory locations, potentially leading to unauthorized access or system instability. Ensuring your firmware is updated to the latest patches is essential for safeguarding against this vulnerability.",Arm,Trusted Firmware-m,7.8,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2022-03-01T04:31:25.000Z,0
CVE-2021-27562,https://securityvulnerability.io/vulnerability/CVE-2021-27562,System Halt Vulnerability in Arm Trusted Firmware M by Arm,"The vulnerability in Arm Trusted Firmware M allows non-secure (NS) world components to interact improperly with secure functions while operating under the Non-Secure Privileged Exception (NSPE) handler mode. This interaction may lead to unexpected system halts, potential overwriting of secure data, or unauthorized printing of sensitive information, raising serious concerns regarding the integrity and confidentiality of secure operations.",Arm,Trusted Firmware M,5.5,MEDIUM,0.957319974899292,true,2021-11-03T00:00:00.000Z,false,false,true,2021-11-03T00:00:00.000Z,,false,false,,2021-05-25T18:27:20.000Z,0