
CVE-2024-45746: n/a

Severity: Critical
Published: Wed Oct 09 2024 (10/09/2024, 00:00:00 UTC)
Source: CVE Database V5

Description

An issue was discovered in Trusted Firmware-M through 2.1.0. User provided (and controlled) mailbox messages contain a pointer to a list of input arguments (in_vec) and output arguments (out_vec). These list pointers are never validated. Each argument list contains a buffer pointer and a buffer length field. After a PSA call, the length of the output arguments behind the unchecked pointer is updated in mailbox_direct_reply, regardless of the call result. This allows an attacker to write anywhere in the secure firmware, which can be used to take over the control flow, leading to remote code execution (RCE).

AI-Powered Analysis

Machine-generated threat intelligence

Last updated: 02/26/2026, 08:17:45 UTC

Technical Analysis

CVE-2024-45746 is a critical memory corruption vulnerability found in Trusted Firmware-M versions through 2.1.0. Trusted Firmware-M is a reference implementation of secure firmware for Arm Cortex-M processors, widely used in embedded and IoT devices to provide a trusted execution environment. The vulnerability stems from the handling of mailbox messages, which are used for communication between non-secure and secure worlds. These mailbox messages include pointers to lists of input (in_vec) and output (out_vec) arguments. However, the firmware does not validate these pointers, allowing an attacker to supply malicious pointers that reference arbitrary memory locations. After a PSA (Platform Security Architecture) call, the firmware updates the length of the output arguments in the mailbox_direct_reply function without verifying the pointer's validity or bounds. This unchecked write operation can overwrite arbitrary memory regions within the secure firmware, enabling an attacker to manipulate control flow and execute arbitrary code remotely. The vulnerability is classified under CWE-120 (Classic Buffer Overflow) and has a CVSS 3.1 base score of 9.8, reflecting its critical nature. Exploitation requires no privileges or user interaction and can be performed remotely over the communication interface that handles mailbox messages. This flaw threatens the confidentiality, integrity, and availability of the secure firmware environment, potentially compromising the entire device security.

Potential Impact

The impact of CVE-2024-45746 is severe for organizations deploying embedded devices and IoT systems that rely on Trusted Firmware-M for secure operations. Successful exploitation allows attackers to gain remote code execution within the secure firmware, effectively bypassing hardware-enforced security boundaries. This can lead to full compromise of device security, including unauthorized access to sensitive data, manipulation of secure operations, and persistent control over the device. Critical infrastructure, industrial control systems, medical devices, automotive systems, and consumer IoT products using affected firmware are at risk. The vulnerability undermines the trust model of the secure execution environment, potentially enabling attackers to deploy malware, disrupt device functionality, or use compromised devices as footholds for lateral movement in larger networks. Given the widespread adoption of Arm Cortex-M processors and Trusted Firmware-M in embedded systems globally, the threat surface is extensive. Organizations may face operational disruptions, data breaches, and reputational damage if this vulnerability is exploited.

Mitigation Recommendations

To mitigate CVE-2024-45746, organizations should:

1) Monitor Trusted Firmware-M vendor channels for official patches or firmware updates addressing this vulnerability and apply them promptly.
2) Implement strict input validation and bounds checking on mailbox message pointers within the firmware to prevent malicious pointer dereferencing.
3) Employ hardware security features such as Memory Protection Units (MPUs) to restrict writable memory regions and prevent arbitrary memory writes.
4) Use secure boot and firmware integrity verification mechanisms to detect unauthorized firmware modifications.
5) Limit exposure of the communication interfaces that handle mailbox messages to trusted entities only, employing network segmentation and access controls.
6) Conduct thorough security testing and code audits focusing on pointer validation and memory safety in secure firmware components.
7) For devices in critical environments, consider additional runtime protections such as Control Flow Integrity (CFI) and anomaly detection to identify exploitation attempts.

These measures collectively reduce the risk of exploitation and limit potential damage.
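
The pointer validation called for in recommendation 2, as an added C sketch (not Trusted Firmware-M code and not the upstream fix): the reply step checks the caller-supplied output-vector list pointer and count before any length is written back, and writes nothing when the call failed. The names `out_vec_t`, `ns_ram`, `secure_ram`, `MAX_OUTVEC`, `ns_range_ok` and `reply_update_out_lens` are hypothetical, and both memory regions are modelled as plain arrays.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define MAX_OUTVEC 4 /* assumed cap on output vectors per call */

/* Hypothetical stand-in for one output argument: buffer pointer plus length. */
typedef struct { void *base; size_t len; } out_vec_t;

/* Constructed memory model: each world's RAM is an array of vector slots. */
static out_vec_t ns_ram[8];     /* memory the non-secure caller may own */
static out_vec_t secure_ram[8]; /* memory the caller must never reach   */

/* True only if [p, p+len) lies wholly inside ns_ram (overflow-safe form). */
static bool ns_range_ok(const void *p, size_t len)
{
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)ns_ram;
    if (a < lo) return false;
    size_t off = (size_t)(a - lo);
    return off <= sizeof ns_ram && len <= sizeof ns_ram - off;
}

/* Reply step with the checks the description says were missing: validate the
 * caller-supplied list pointer and count, and write nothing on a failed call. */
static int reply_update_out_lens(out_vec_t *list, size_t count,
                                 const size_t *written, int call_status)
{
    if (call_status != 0) return -1;       /* no write-back on failure */
    if (count > MAX_OUTVEC) return -2;     /* also bounds count * sizeof */
    if (!ns_range_ok(list, count * sizeof *list)) return -3;
    for (size_t i = 0; i < count; i++)     /* reported size must fit */
        if (written[i] > list[i].len) return -4;
    for (size_t i = 0; i < count; i++)
        list[i].len = written[i];
    return 0;
}

int main(void)
{
    size_t written[2] = { 4, 8 };
    ns_ram[0].len = ns_ram[1].len = 16;
    secure_ram[0].len = 0x1000;
    int ok  = reply_update_out_lens(ns_ram, 2, written, 0);     /* accepted */
    int bad = reply_update_out_lens(secure_ram, 2, written, 0); /* rejected */
    return (ok == 0 && bad == -3 && secure_ram[0].len == 0x1000) ? 0 : 1;
}
```

On real hardware the range test would use the platform's non-secure memory map, and the list should be copied into secure memory before it is checked so the caller cannot alter it between the check and the write.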


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2024-09-06T00:00:00.000Z
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 699f6cf1b7ef31ef0b56a5e8

Added to database: 2/25/2026, 9:43:13 PM

Last enriched: 2/26/2026, 8:17:45 AM

Last updated: 4/12/2026, 3:35:40 PM
