CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2017-7563

HIGH
8.1
CVSS Severity Score
EPSS Score0.1500%
EPSS Percentile13.53th
Published2017年6月7日
Last Modified2026年6月8日

Vulnerability Description

In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing attackers to bypass the MT_EXECUTE_NEVER protection mechanism. This issue occurs because of inconsistency in the number of execute-never bits (one bit versus two bits).

Affected Platforms (CPE)

💻
Trustedfirmware

Trusted Firmware A

<= 1.3

References & Advisories

🔗 https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-3
🔗 https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Security-Advisory-TFV-3

相關漏洞威脅

CVE-2016-56699.8

Crestron Electronics DM-TXRX-100-STR devices with firmware before 1.3039.00040 use a hardcoded 0xb9eed4d955a59eb3 X.509 certificat...

CVE-2021-206958.8

Improper following of a certificate's chain of trust vulnerability in DAP-1880AC firmware version 1.21 and earlier allows a remote...

CVE-2017-57077.8

Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system ...

CVE-2017-57107.8

Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access priv...