PT-2021-20506 · Tsec Ta+1 · Tsec Ta+1

Published

2021-06-22

Updated

2021-06-29

CVE-2021-34393

CVSS v3.1

4.4

Medium

Vector

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Trusty (affected versions not specified)

Description: The issue is related to a vulnerability in TSEC TA, where it deserializes incoming messages despite not exposing any command. This could potentially allow an attacker to exploit the deserializer, impacting code execution and causing information disclosure.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-502

Related Identifiers

CVE-2021-34393

Affected Products

Tsec Ta

Trusty

PT-2021-20506 · Tsec Ta+1 · Tsec Ta+1

CVE-2021-34393

Weakness Enumeration

Related Identifiers

Affected Products

References · 5