| |
Vulnerability CVE-2021-34393
Published: 2021-06-22 Modified: 2021-06-23
| Description: |
Trusty contains a vulnerability in TSEC TA which deserializes the incoming messages even though the TSEC TA does not expose any command. This vulnerability might allow an attacker to exploit the deserializer to impact code execution, causing information disclosure. |
Type:
CWE-502 (Deserialization of Untrusted Data)
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
2.1/10 |
2.9/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
https://nvidia.custhelp.com/app/answers/detail/a_id/5205
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
