CVE-2022-47549

MEDIUM Year: 2022
CVSS v3 Score
6.4
Medium
Weakness Type
CWE-347
View all →

Vulnerability Description

An unprotected memory-access operation in optee_os in TrustedFirmware Open Portable Trusted Execution Environment (OP-TEE) before 3.20 allows a physically proximate adversary to bypass signature verification and install malicious trusted applications via electromagnetic fault injections.

Related Vulnerabilities

CVE-2018-18203

MEDIUM
CVSS:6.4(Medium)

A vulnerability in the update mechanism of Subaru StarLink Harman head units 2017, 2018, and 2019 may give an attacker (with physical access to the vehicle's USB ports) the ability to rewrite the firm...

CWE-3472018

CVE-2019-1809

MEDIUM
CVSS:6.4(Medium)

A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software pa...

CWE-3472019

CVE-2020-15705

MEDIUM
CVSS:6.4(Medium)

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported direct...

CWE-3472020

CVE-2021-34709

MEDIUM
CVSS:6.4(Medium)

Multiple vulnerabilities in image verification checks of Cisco Network Convergence System (NCS) 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software fo...

CWE-3472021

CVE-2024-2451

MEDIUM
CVSS:6.4(Medium)

Improper fingerprint validation in the TeamViewer Client (Full & Host) prior Version 15.54 for Windows and macOS allows an attacker with administrative user rights to further elevate privileges via ex...

CWE-3472024

CVE-2017-10669

MEDIUM
CVSS:6.5(Medium)

Signature Wrapping exists in OSCI-Transport 1.2 as used in OSCI Transport Library 1.6.1 (Java) and OSCI Transport Library 1.6 (.NET). An attacker with access to unencrypted OSCI protocol messages must...

CWE-3472017