Potential Information Leak in ATF (HWFDE) with Incorrect Error Handling

Potential Information Leak in ATF (HWFDE) with Incorrect Error Handling

CVE-2022-20066 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171729; Issue ID: ALPS06171729.

Learn more about our User Device Pen Test.