The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain Cisco IP Phone and Wireless IP Phone products before 2021-07-07. Exploitation is possible only when the attacker can disassemble the device in order to control the voltage/current for chip pins.
References
Link | Resource |
---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-brcm-mxc-jul2021-26LqUZUh | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-07-22T16:53:32
Updated: 2021-07-22T16:53:32
Reserved: 2021-05-20T00:00:00
Link: CVE-2021-33478
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-07-22T17:15:09.510
Modified: 2021-08-02T15:38:07.013
Link: CVE-2021-33478
JSON object: View
Redhat Information
No data.
CWE