CVE-2021-34377
Global infos:
Trusty contains a vulnerability in the HDCP service TA where bounds checking in command 9 is missing. Improper restriction of operations within the bounds of a memory buffer might lead to escalation of privileges, information disclosure, and denial of service.
CVE Status: Modified
References:
Metrics:
| Attribute | Value |
|---|---|
| Attack Complexity | LOW |
| Attack Vector | LOCAL |
| Availability Impact | HIGH |
| Base Score | 7.7 |
| Base Severity | HIGH |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Privileges Required | HIGH |
| Scope | CHANGED |
| User Interaction | REQUIRED |
| Vector String | CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H |
| Exploitability Score | 1.1 |
| Impact Score | 6 |
| Source | [email protected] |
| Type | Secondary |