2 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the SideroLink connection. An attacker can send arbitrary packets over the interface by exploiting the lack of validation on the packet's destination address. Workaround Users who are not able to upgrade to t...
CVE-2021-26370
Improper validation of destination address in SVCLOADFWIMAGEBYINSTANCE and SVCLOADBINARYBYATTRIB in a malicious UApp or ABL may allow an attacker to overwrite arbitrary bootloader memory with SPI ROM contents resulting in a loss of integrity and availability...