Filtered by vendor Arm
Subscribe
Total
129 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-5400 | 2 Arm, Auto-maskin | 5 Arm7, Dcu 210e, Dcu 210e Firmware and 2 more | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices. The originating device sends a message in plaintext, 48:65:6c:6c:6f:20:57:6f:72:6c:64, "Hello World" over UDP ports 44444-44446 to the broadcast address for the LAN. Without verification devices respond to any of these broadcast messages on the LAN with a plaintext reply over UDP containing the device model and firmware version. Following this exchange the devices allow Modbus transmissions between the two devices on the standard Modbus port 502 TCP. Impact: An attacker can exploit this vulnerability to send arbitrary messages to any DCU or RP device through spoofing or replay attacks as long as they have access to the network. Affected releases are Auto-Maskin DCU-210E RP-210E: Versions prior to 3.7 on ARMv7. | |||||
| CVE-2018-3693 | 7 Arm, Fujitsu, Intel and 4 more | 228 Cortex-a, Cortex-r, M12-1 and 225 more | 2024-11-21 | 4.7 MEDIUM | 5.6 MEDIUM |
| Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. | |||||
| CVE-2018-3640 | 2 Arm, Intel | 199 Cortex-a, Atom C, Atom E and 196 more | 2024-11-21 | 4.7 MEDIUM | 5.6 MEDIUM |
| Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a. | |||||
| CVE-2018-3639 | 12 Arm, Canonical, Debian and 9 more | 321 Cortex-a, Ubuntu Linux, Debian Linux and 318 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | |||||
| CVE-2018-19608 | 1 Arm | 1 Mbed Tls | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites. | |||||
| CVE-2018-19440 | 1 Arm | 1 Trusted Firmware-a | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| ARM Trusted Firmware-A allows information disclosure. | |||||
| CVE-2018-1000520 | 1 Arm | 1 Mbed Tls | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows Incorrectly Signed Certificates vulnerability in mbedtls_ssl_get_verify_result() that can result in ECDSA-signed certificates are accepted, when only RSA-signed ones should be.. This attack appear to be exploitable via Peers negotiate a TLS-ECDH-RSA-* ciphersuite. Any of the peers can then provide an ECDSA-signed certificate, when only an RSA-signed one should be accepted.. | |||||
| CVE-2018-0498 | 2 Arm, Debian | 2 Mbed Tls, Debian Linux | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack. | |||||
| CVE-2018-0497 | 2 Arm, Debian | 2 Mbed Tls, Debian Linux | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix (with a wrong SHA-384 calculation) for CVE-2013-0169. | |||||
| CVE-2018-0488 | 2 Arm, Debian | 2 Mbed Tls, Debian Linux | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS session. | |||||
| CVE-2018-0487 | 2 Arm, Debian | 2 Mbed Tls, Debian Linux | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session. | |||||
| CVE-2017-9607 | 1 Arm | 1 Arm-trusted-firmware | 2024-11-21 | 5.1 MEDIUM | 7.0 HIGH |
| The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image, which triggers an integer overflow. | |||||
| CVE-2017-7564 | 1 Arm | 1 Arm Trusted Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service (secure world panic) via vectors involving debug exceptions and debug registers. | |||||
| CVE-2017-7563 | 1 Arm | 1 Arm Trusted Firmware | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing attackers to bypass the MT_EXECUTE_NEVER protection mechanism. This issue occurs because of inconsistency in the number of execute-never bits (one bit versus two bits). | |||||
| CVE-2017-5754 | 2 Arm, Intel | 209 Cortex-a, Atom C, Atom E and 206 more | 2024-11-21 | 4.7 MEDIUM | 5.6 MEDIUM |
| Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. | |||||
| CVE-2017-5753 | 13 Arm, Canonical, Debian and 10 more | 387 Cortex-a12, Cortex-a12 Firmware, Cortex-a15 and 384 more | 2024-11-21 | 4.7 MEDIUM | 5.6 MEDIUM |
| Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | |||||
| CVE-2017-5715 | 7 Arm, Canonical, Debian and 4 more | 221 Cortex-a, Ubuntu Linux, Debian Linux and 218 more | 2024-11-21 | 1.9 LOW | 5.6 MEDIUM |
| Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | |||||
| CVE-2017-2784 | 1 Arm | 1 Mbed Tls | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An exploitable free of a stack pointer vulnerability exists in the x509 certificate parsing code of ARM mbed TLS before 1.3.19, 2.x before 2.1.7, and 2.4.x before 2.4.2. A specially crafted x509 certificate, when parsed by mbed TLS library, can cause an invalid free of a stack pointer leading to a potential remote code execution. In order to exploit this vulnerability, an attacker can act as either a client or a server on a network to deliver malicious x509 certificates to vulnerable applications. | |||||
| CVE-2017-18187 | 2 Arm, Debian | 2 Mbed Tls, Debian Linux | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c. | |||||
| CVE-2017-15031 | 1 Arm | 1 Arm-trusted-firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In all versions of ARM Trusted Firmware up to and including v1.4, not initializing or saving/restoring the PMCR_EL0 register can leak secure world timing information. | |||||