CVE-2024-56187
MEDIUMSeverity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Lifecycle Timeline
2DescriptionCVE.org
In ppcfw_deny_sec_dram_access of ppcfw.c, there is a possible arbitrary read from TEE memory due to a logic error in the code. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
AnalysisAI
In ppcfw_deny_sec_dram_access of ppcfw.c, there is a possible arbitrary read from TEE memory due to a logic error in the code. This could lead to local information disclosure with System execution privileges needed. [CVSS 6.6 MEDIUM]
Technical ContextAI
Classified as CWE-125 (Out-of-bounds Read). In ppcfw_deny_sec_dram_access of ppcfw.c, there is a possible arbitrary read from TEE memory due to a logic error in the code. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Affected ProductsAI
In ppcfw_deny_sec_dram_access of ppcfw.c, there is a possible arbitrary read from TEE memory due to a logic error in the code. This could lead to loca
RemediationAI
Monitor vendor advisories for a patch.
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today