CVE-2017-9607

low-risk
Published 2017-09-20

The BL1 FWU SMC handling code in ARM Trusted Firmware before 1.4 might allow attackers to write arbitrary data to secure memory, bypass the bl1_plat_mem_check protection mechanism, cause a denial of service, or possibly have unspecified other impact via a crafted AArch32 image, which triggers an integer overflow.

Do I need to act?

-
0.19% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.0/10 High
LOCAL / HIGH complexity

Affected Products (1)

Arm-Trusted-Firmware

Affected Vendors

Arm

References (4)

Issue Tracking https://github.com/ARM-software/arm-trusted-firmware/blob/v1.4/docs/change-log.r...
Issue Tracking https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-S...
Issue Tracking https://github.com/ARM-software/arm-trusted-firmware/blob/v1.4/docs/change-log.r...
Issue Tracking https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-S...
24
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 1/34 · Minimal
Exposure 5/34 · Minimal