CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11864 – SCP-Firmware Vulnerability
https://notcve.org/view.php?id=CVE-2024-11864
14 Jan 2025 — Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP • https://developer.arm.com/Arm%20Security%20Center/SCP-Firmware%20Vulnerability%20CVE-2024-11863-11864 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11863 – SCP-Firmware Vulnerability
https://notcve.org/view.php?id=CVE-2024-11863
14 Jan 2025 — Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and including 2.15.0 may lead to a Usage Fault and crash the SCP • https://developer.arm.com/Arm%20Security%20Center/SCP-Firmware%20Vulnerability%20CVE-2024-11863-11864 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9413
https://notcve.org/view.php?id=CVE-2024-9413
13 Nov 2024 — The transport_message_handler function in SCP-Firmware release versions 2.11.0-2.15.0 does not properly handle errors, potentially allowing an Application Processor (AP) to cause a buffer overflow in System Control Processor (SCP) firmware. • https://developer.arm.com/Arm%20Security%20Center/SCP-Firmware%20Vulnerability • CWE-755: Improper Handling of Exceptional Conditions •