CVE-2021-35465
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
EPSS
Percentile
21.0%
Certain Arm products before 2021-08-23 do not properly consider the effect of exceptions on a VLLDM instruction. A Non-secure handler may have read or write access to part of a Secure context. This affects Arm Cortex-M33 r0p0 through r1p0, Arm Cortex-M35P r0, Arm Cortex-M55 r0p0 through r1p0, and Arm China STAR-MC1 (in the STAR SE configuration).
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| arm | cortex-m33 | - | cpe:2.3:h:arm:cortex-m33:-:*:*:*:*:*:*:* |
| arm | cortex-m33_firmware | * | cpe:2.3:o:arm:cortex-m33_firmware:*:*:*:*:*:*:*:* |
| arm | cortex-m35p | - | cpe:2.3:h:arm:cortex-m35p:-:*:*:*:*:*:*:* |
| arm | cortex-m35p_firmware | r0 | cpe:2.3:o:arm:cortex-m35p_firmware:r0:*:*:*:*:*:*:* |
| arm | cortex-m55 | - | cpe:2.3:h:arm:cortex-m55:-:*:*:*:*:*:*:* |
| arm | cortex-m55_firmware | * | cpe:2.3:o:arm:cortex-m55_firmware:*:*:*:*:*:*:*:* |
| arm | china_star-mc1 | - | cpe:2.3:h:arm:china_star-mc1:-:*:*:*:*:*:*:* |
| arm | china_star-mc1_firmware | - | cpe:2.3:o:arm:china_star-mc1_firmware:-:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
EPSS
Percentile
21.0%