CVE Tracker

CVE ID	Severity	EPSS	Vendor	Description	Date	Status
CVE-2021-27562	High	47.9%	ArmTrusted Firmware	Arm Trusted Firmware contains an out-of-bounds write vulnerability allowing the non-secure (NS) world to trigger a system halt, overwrite secure data, or print out secure data when calling secure functions under the non-secure processing environment (NSPE) handler mode. This vulnerability affects Yealink Device Management servers.	Nov 3, 2021	KEV
CVE-2021-27561	High	94.1%	YealinkDevice Management	Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated remote code execution.	Nov 3, 2021	KEV

CVE-2021-27562KEV

High

Arm Trusted Firmware contains an out-of-bounds write vulnerability allowing the non-secure (NS) world to trigger a system halt, overwrite secure data, or print out secure data when calling secure functions under the non-secure processing environment (NSPE) handler mode. This vulnerability affects Yealink Device Management servers.

ArmEPSS 47.9%

CVE-2021-27561KEV

High

Yealink Device Management contains a server-side request forgery (SSRF) vulnerability that allows for unauthenticated remote code execution.

YealinkEPSS 94.1%