CVE-2022-47549
MEDIUM
OP-TEE < 3.20 - Cryptographic Signature Verification Bypass via Electromagnetic Fault Injection
Title source: llm
Description
An unprotected memory-access operation in optee_os in TrustedFirmware Open Portable Trusted Execution Environment (OP-TEE) before 3.20 allows a physically proximate adversary to bypass signature verification and install malicious trusted applications via electromagnetic fault injections.
References (2)
Core References
Third Party Advisory
https://github.com/OP-TEE/optee_os/security/advisories/GHSA-r64m-h886-hw6g
Exploit, Technical Description, Vendor Advisory
https://people.linaro.org/~joakim.bech/reports/Breaking_cross-world_isolation_on_ARM_TrustZone_through_EM_faults_coredumps_and_UUID_confusion.pdf
Scores
CVSS v3
6.4
EPSS
0.0040
EPSS Percentile
31.6%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-347
Status
published
Products (2)
linaro/op-tee
< 3.20
trustedfirmware/op-tee
< 3.20
Published
Dec 19, 2022
Tracked Since
Feb 18, 2026