← ExploitWatch
HomeExploited Vulnerabilities

CVE-2021-27562 — Actively Exploited: Trusted Firmware (Arm)

Arm Trusted Firmware contains an out-of-bounds write vulnerability allowing the non-secure (NS) world to trigger a system halt, overwrite secure data, or print out secure data when calling secure functions under the non-secure processing environment (NSPE) handler mode. This vulnerability affects Yealink Device Managem

CVE IDCVE-2021-27562
VendorArm
ProductTrusted Firmware
Vulnerability nameArm Trusted Firmware Out-of-Bounds Write Vulnerability
Date added2021-11-03
Remediation due2021-11-17
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionArm Trusted Firmware contains an out-of-bounds write vulnerability allowing the non-secure (NS) world to trigger a system halt, overwrite secure data, or print out secure data when calling secure functions under the non-secure processing environment (NSPE) handler mode. This vulnerability affects Yealink Device Management servers.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →