CVSS3
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
EPSS
Percentile
20.8%
An issue was discovered in Trusted Firmware-M through 2.0.0. The lack of argument verification in the logging subsystem allows attackers to read sensitive data via the login function.
Vendor | Product | Version | CPE |
---|---|---|---|
arm | trusted_firmware-m | * | cpe:2.3:a:arm:trusted_firmware-m:*:*:*:*:*:*:*:* |