{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T22:35:37.198","vulnerabilities":[{"cve":{"id":"CVE-2020-16273","sourceIdentifier":"cve@mitre.org","published":"2020-11-12T19:15:14.583","lastModified":"2024-11-21T05:07:04.670","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Arm software implementing the Armv8-M processors (all versions), the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure application if the stack is not initialized. This vulnerability affects only the software that is based on Armv8-M processors with the Security Extension."},{"lang":"es","value":"En el software Arm que implementa los procesadores Armv8-M (todas las versiones), el mecanismo de selección de pila podría estar influenciado por un ataque de subdesbordamiento de pila en los procesadores basados ??en TrustZone v8-M. Un atacante puede causar un cambio en el puntero de pila usado por Secure World desde una aplicación no segura si la pila no está inicializada. Esta vulnerabilidad afecta solo al software que se basa en procesadores Armv8-M con la Security Extension"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-191"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:arm:armv8-m_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"5C074E97-5B10-40DC-B412-FBC2EE869816"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:arm:armv8-m:-:*:*:*:*:*:*:*","matchCriteriaId":"7C7D2C39-E6D8-488C-B9C6-45F90A7CD294"}]}]}],"references":[{"url":"https://developer.arm.com/support/arm-security-updates/armv8-m-stack-sealing","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://developer.arm.com/support/arm-security-updates/armv8-m-stack-sealing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}